IAmChrisAMA
/
rogueserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use channels to rate limit argon2

oauth2
maru 2024-04-19 13:27:55 -04:00
parent fbd4a60a4a
commit 1d54c1ad64
No known key found for this signature in database
GPG Key ID: 37689350E9CD0F0D
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
api/account/common.go
View File

@ -2,7 +2,6 @@ package account
import ( import (
"regexp" "regexp"
"sync"
"golang.org/x/crypto/argon2" "golang.org/x/crypto/argon2"
) )
@ -18,18 +17,20 @@ const (
ArgonKeySize = 32 ArgonKeySize = 32
ArgonSaltSize = 16 ArgonSaltSize = 16
ArgonMaxInstances = 16
UUIDSize = 16 UUIDSize = 16
TokenSize = 32 TokenSize = 32
) )
var ( var (
isValidUsername = regexp.MustCompile(`^\w{1,16}$`).MatchString isValidUsername = regexp.MustCompile(`^\w{1,16}$`).MatchString
argonMtx sync.Mutex semaphore = make(chan bool, ArgonMaxInstances)
) )
func deriveArgon2IDKey(password, salt []byte) []byte { func deriveArgon2IDKey(password, salt []byte) []byte {
argonMtx.Lock() semaphore <- true
defer argonMtx.Unlock() defer func() { <-semaphore }()
return argon2.IDKey(password, salt, ArgonTime, ArgonMemory, ArgonThreads, ArgonKeySize) return argon2.IDKey(password, salt, ArgonTime, ArgonMemory, ArgonThreads, ArgonKeySize)
} }