Amolith and Crush created
Co-Authored-By: Crush <crush@charm.land>project/project.go | 6 +++++-
users/users.go | 12 ++++++++++--
2 files changed, 15 insertions(+), 3 deletions(-)
@@ -21,6 +21,10 @@ import (
"github.com/unascribed/FlexVer/go/flexver"
)
+const (
+ refreshInterval = 3600 * time.Second
+)
+
type Project struct {
ID string
URL string
@@ -239,7 +243,7 @@ func RefreshLoop(dbConn *sql.DB, mu *sync.Mutex, interval int, manualRefresh, re
case <-ticker.C:
projects = fetch()
case <-*manualRefresh:
- ticker.Reset(time.Second * 3600)
+ ticker.Reset(refreshInterval)
projects = fetch()
case <-*req:
@@ -14,6 +14,14 @@ import (
"golang.org/x/crypto/argon2"
)
+const (
+ argon2Time = 2
+ saltLength = 16
+ argon2KeyLen = 64
+ argon2Memory = 64 * 1024
+ argon2Threads = 4
+)
+
// argonHash accepts two strings for the user's password and a random salt,
// hashes the password using the salt, and returns the hash as a base64-encoded
// string.
@@ -23,13 +31,13 @@ func argonHash(password, salt string) (string, error) {
return "", err
}
- return base64.StdEncoding.EncodeToString(argon2.IDKey([]byte(password), decodedSalt, 2, 64*1024, 4, 64)), nil
+ return base64.StdEncoding.EncodeToString(argon2.IDKey([]byte(password), decodedSalt, argon2Time, argon2Memory, argon2Threads, argon2KeyLen)), nil
}
// generateSalt generates a random salt and returns it as a base64-encoded
// string.
func generateSalt() (string, error) {
- salt := make([]byte, 16)
+ salt := make([]byte, saltLength)
_, err := rand.Read(salt)
if err != nil {