View Source AshAuthentication.HashProvider behaviour (ash_authentication v4.0.0)

A behaviour providing password hashing.

Summary

Callbacks

Given some user input as a string, convert it into it's hashed form.

Attempt to defeat timing attacks by simulating a password hash check.

Check if the user input matches the hash.

Callbacks

@callback hash(input :: String.t()) :: {:ok, hash :: String.t()} | :error

Given some user input as a string, convert it into it's hashed form.

@callback simulate() :: false

Attempt to defeat timing attacks by simulating a password hash check.

See Bcrypt.no_user_verify/1 for more information.

@callback valid?(input :: String.t(), hash :: String.t()) :: boolean()

Check if the user input matches the hash.