Comeonin behaviour (Comeonin v5.3.3) View Source

Defines a behaviour for higher-level password hashing functions.

Link to this section Summary

Callbacks

Hashes a password and returns the password hash in a map.

Checks the password by comparing its hash with the password hash found in a user struct, or map.

Runs the password hash function, but always returns false.

Link to this section Types

Specs

opts() :: keyword()

Specs

password() :: binary()

Specs

user_struct() :: map() | nil

Link to this section Callbacks

Link to this callback

add_hash(password, opts)

View Source

Specs

add_hash(password(), opts()) :: map()

Hashes a password and returns the password hash in a map.

Link to this callback

check_pass(user_struct, password, opts)

View Source

Specs

check_pass(user_struct(), password(), opts()) ::
  {:ok, map()} | {:error, String.t()}

Checks the password by comparing its hash with the password hash found in a user struct, or map.

The first argument to check_pass/3 should be a user struct, a regular map, or nil.

Specs

no_user_verify(opts()) :: false

Runs the password hash function, but always returns false.

This function is intended to make it more difficult for any potential attacker to find valid usernames by using timing attacks. This function is only useful if it is used as part of a policy of hiding usernames.