func validateCredentials(attemptedPassword string, actualPasswordHash string) (bool, error) {
if err := bcrypt.CompareHashAndPassword([]byte(actualPasswordHash), []byte(attemptedPassword)); err != nil {
fmt.Printf("validateCredentials error is %v", err)
return false, nil
}
return true, nil
}
I wrote a test that looks like this:
func TestAuth_validateCredentials(t *testing.T) {
var actualPassword = "hello123"
actualPasswordHash, _ := bcrypt.GenerateFromPassword([]byte(actualPassword), bcrypt.MinCost)
if valid, err := validateCredentials("username", string(actualPasswordHash)); err != nil {
t.Error("Unexpted error: ", err)
} else if valid {
t.Error("Expected invalid when password is wrong")
}
}
I keep getting this error:
validateCredentials error is crypto/bcrypt: hashedPassword is not the hash of the given passwordPASS
What am I doing wrong here?
You're passing "username" instead of actualPassword
if valid, err := validateCredentials(actualPassword, string(actualPasswordHash))