package security import ( "crypto/rand" "crypto/sha256" "encoding/hex" "errors" "golang.org/x/crypto/bcrypt" ) func HashPassword(password string) (string, error) { if len(password) < 6 { return "", errors.New("password must contain at least 6 characters") } hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) if err != nil { return "", err } return string(hash), nil } func CheckPassword(hash string, password string) bool { return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil } func NewRefreshToken() (string, string, error) { raw := make([]byte, 32) if _, err := rand.Read(raw); err != nil { return "", "", err } token := hex.EncodeToString(raw) return token, HashToken(token), nil } func HashToken(token string) string { sum := sha256.Sum256([]byte(token)) return hex.EncodeToString(sum[:]) }