Use channels to rate limit argon2

oauth2
maru 2024-04-19 13:27:55 -04:00
parent fbd4a60a4a
commit 1d54c1ad64
No known key found for this signature in database
GPG Key ID: 37689350E9CD0F0D
1 changed files with 5 additions and 4 deletions

View File

@ -2,7 +2,6 @@ package account
import (
"regexp"
"sync"
"golang.org/x/crypto/argon2"
)
@ -18,18 +17,20 @@ const (
ArgonKeySize = 32
ArgonSaltSize = 16
ArgonMaxInstances = 16
UUIDSize = 16
TokenSize = 32
)
var (
isValidUsername = regexp.MustCompile(`^\w{1,16}$`).MatchString
argonMtx sync.Mutex
semaphore = make(chan bool, ArgonMaxInstances)
)
func deriveArgon2IDKey(password, salt []byte) []byte {
argonMtx.Lock()
defer argonMtx.Unlock()
semaphore <- true
defer func() { <-semaphore }()
return argon2.IDKey(password, salt, ArgonTime, ArgonMemory, ArgonThreads, ArgonKeySize)
}