Snider
abe74a1a3d
- Change module from forge.lthn.ai/core/go to forge.lthn.ai/core/cli - Remove pkg/ directory (now served from core/go) - Add require + replace for forge.lthn.ai/core/go => ../go - Update go.work to include ../go workspace module - Fix all internal/cmd/* imports: pkg/ refs → forge.lthn.ai/core/go/pkg/ - Rename internal/cmd/sdk package to sdkcmd (avoids conflict with pkg/sdk) - Remove SDK library files from internal/cmd/sdk/ (now in core/go/pkg/sdk/) - Remove duplicate RAG helper functions from internal/cmd/rag/ - Remove stale cmd/core-ide/ (now in core/ide repo) - Update IDE variant to remove core-ide import - Fix test assertion for new module name - Run go mod tidy to sync dependencies core/cli is now a pure CLI application importing core/go for packages. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Co-authored-by: Claude <developers@lethean.io> Reviewed-on: #1
74 lines
1.5 KiB
Go
74 lines
1.5 KiB
Go
package crypt
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"forge.lthn.ai/core/go/pkg/cli"
|
|
"forge.lthn.ai/core/go/pkg/crypt"
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
// Hash command flags
|
|
var (
|
|
hashBcrypt bool
|
|
hashVerify string
|
|
)
|
|
|
|
func addHashCommand(parent *cli.Command) {
|
|
hashCmd := cli.NewCommand("hash", "Hash a password with Argon2id or bcrypt", "", func(cmd *cli.Command, args []string) error {
|
|
return runHash(args[0])
|
|
})
|
|
hashCmd.Args = cli.ExactArgs(1)
|
|
|
|
cli.BoolFlag(hashCmd, &hashBcrypt, "bcrypt", "b", false, "Use bcrypt instead of Argon2id")
|
|
cli.StringFlag(hashCmd, &hashVerify, "verify", "", "", "Verify input against this hash")
|
|
|
|
parent.AddCommand(hashCmd)
|
|
}
|
|
|
|
func runHash(input string) error {
|
|
// Verify mode
|
|
if hashVerify != "" {
|
|
return runHashVerify(input, hashVerify)
|
|
}
|
|
|
|
// Hash mode
|
|
if hashBcrypt {
|
|
hash, err := crypt.HashBcrypt(input, bcrypt.DefaultCost)
|
|
if err != nil {
|
|
return cli.Wrap(err, "failed to hash password")
|
|
}
|
|
fmt.Println(hash)
|
|
return nil
|
|
}
|
|
|
|
hash, err := crypt.HashPassword(input)
|
|
if err != nil {
|
|
return cli.Wrap(err, "failed to hash password")
|
|
}
|
|
fmt.Println(hash)
|
|
return nil
|
|
}
|
|
|
|
func runHashVerify(input, hash string) error {
|
|
var match bool
|
|
var err error
|
|
|
|
if hashBcrypt {
|
|
match, err = crypt.VerifyBcrypt(input, hash)
|
|
} else {
|
|
match, err = crypt.VerifyPassword(input, hash)
|
|
}
|
|
|
|
if err != nil {
|
|
return cli.Wrap(err, "failed to verify hash")
|
|
}
|
|
|
|
if match {
|
|
cli.Success("Password matches hash")
|
|
return nil
|
|
}
|
|
|
|
cli.Error("Password does not match hash")
|
|
return cli.Err("hash verification failed")
|
|
}
|