https://github.com/arithefirst/postgres-credential-storage

A system for storing salted and hashed user credentials in PostgreSQL implemented in go
https://github.com/arithefirst/postgres-credential-storage

golang golang-library golang-package hash password postgres salting sha256

Last synced: 10 months ago
JSON representation

A system for storing salted and hashed user credentials in PostgreSQL implemented in go

• Host: GitHub
• URL: https://github.com/arithefirst/postgres-credential-storage
• Owner: arithefirst
• Created: 2024-10-06T21:57:11.000Z (over 1 year ago)
• Default Branch: master
• Last Pushed: 2024-10-06T21:57:35.000Z (over 1 year ago)
• Last Synced: 2025-04-01T20:06:19.163Z (10 months ago)
• Topics: golang, golang-library, golang-package, hash, password, postgres, salting, sha256
• Language: Go
• Homepage:
• Size: 7.81 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Postgres Credential Storage

A simple system to store user credentials in postgres utilizing salts and SHA256, 

implemented in go. Created by [arithefirst](https://arithefirst.com).

# Docs

## Prerequisites

In order to use this library, you must have a table in your database with the properties shown
 

below. If your table does not have these properties, or is not named `login`, this library will


not work. Your table can have more columns than show, but must have these 3 at least.

```SQL

CREATE TABLE login (

    username text unique,

    salt text,

    hash text

)

```

## Connecting to your DB

In order to connect to your DB, you need to create a variable or const of type


`pcs.PostgresConnection`. You can then populate this variable with the connection


details for your PostgreSQL server.

```golang

package main

import pcs "github.com/arithefirst/postgres-credential-storage"

func main() {

	connection := pcs.PostgresConnection{

		Host: "localhost",

		Port: 5432,

		User: "postgres",

		Pass: "postgres",

		Db:   "users",

		SSL:  false,

	}

}

```

## Hashing and Salting plaintext credentials

PCS Comes with a function to Hash and Salt your credentials for you from plaintext.
 

Just run the `pcs.SetPassword()` function with the required parameters, and it will


store the password's salt and hash in the DB. All you need to pass in is your variable 


of type `pcs.PostgresConnection`, username, and password. The password is then 


salted, SHA256 Hashed, and added to the DB.

```golang

func main() {

	err := pcs.SetPassword("johnsmith@example.com", "password123", connection)

	if err != nil {

		panic(err)

	}

}

```

Output:

```

+-----------------------+----------------------------------+------------------------------------------------------------------+

| username              | salt                             | hash                                                             |

+-----------------------+----------------------------------+------------------------------------------------------------------+

| johnsmith@example.com | ^5@gVJN8>5p$67qXku2b6Oe6!#Z7Bd5c | 8993f6ad6e8539c0382ef40b3a320501d561d8e8eeceaaaeb59efcea6b7083b1 |

+-----------------------+----------------------------------+------------------------------------------------------------------+

```

## Storing pre-encrypted credentials

If you need to store a password that has already been salted and hashed, you can run 


`pcs.setPasswordNoHash` with the connection variable, plaintext salt, and the SHA256 hash.

```golang

func main() {

	err := pcs.SetPasswordNoHash("johnsmith@example.com",

		"8993f6ad6e8539c0382ef40b3a320501d561d8e8eeceaaaeb59efcea6b7083b1",

		"^5@gVJN8>5p$67qXku2b6Oe6!#Z7Bd5c", connection)

	if err != nil {

		panic(err)

	}

}

```

Output:

```

+-----------------------+----------------------------------+------------------------------------------------------------------+

| username              | salt                             | hash                                                             |

+-----------------------+----------------------------------+------------------------------------------------------------------+

| johnsmith@example.com | ^5@gVJN8>5p$67qXku2b6Oe6!#Z7Bd5c | 8993f6ad6e8539c0382ef40b3a320501d561d8e8eeceaaaeb59efcea6b7083b1 |

+-----------------------+----------------------------------+------------------------------------------------------------------+

```

## Validating Credentials

To check if a password for a given user is valid, use `pcs.CheckPassword`. It requires a user


and the password you want to validate. It will pull the salt and hash from the database for the


specified user, salt the given password, and check if the hashes match. If they do match, it will


return `(true, nil)`. otherwise it will return `(false, nil)`.

```golang

func main() {

    // Returns true, nil 

    valid, err := pcs.CheckPassword("johnsmith@example.com", "password123")

    if err != nil{

        panic(err)

    }

	

    // Returns false, nil

    valid, err := pcs.CheckPassword("johnsmith@example.com", "notpassword123")

    if err != nil{

        panic(err)

    }

} 

```