fosite-hasher-argon2 provides an Argon2 based password hasher that conforms to the hasher interface required by fosite.
Table of contents
Following the fosite-example/authorizationserver example, we can extend this to add support for the argon2 hasher via the compose configuration.
// ...
var (
// You'll probably want this somewhere to hash user passwords
argonHasher := &hasher.Argon2{
Config: argon2.DefaultConfig(),
}
// Check the api documentation of `compose.Config` for further configuration options.
config = &fosite.Config{
AccessTokenLifespan: time.Minute * 30,
GlobalSecret: secret,
// Hash client secrets with argon2id!
ClientSecretsHasher: argonHasher,
// ...
}
)
// ...The following table lists the compatible versions of hasher with fosite. If you are currently using this in production, it would be awesome to know what versions you are successfully paired with.
| hasher version | minimum fosite version | maximum fosite version |
|---|---|---|
v5.1.X |
v0.49.X |
v0.49.X |
v5.X.X |
v0.25.X |
v0.40.X |
- Install Go
- Create a new go project
go mod init - Run
go get github.com/matthewhartstonge/hasher/v5 go buildsuccessfully!
hasher is under the Apache 2.0 License.
