Add VerifyPassword from foomo#9

Author: Alexander Sheiko

htpasswd.go

@@ -8,6 +8,9 @@ import (
 	"io/ioutil"
 	"os"
 	"strings"
+
+	"github.com/GehirnInc/crypt/apr1_crypt"
+	"golang.org/x/crypto/bcrypt"
 )
 
 // HashedPasswords name => hash
@@ -25,6 +28,13 @@ const (
 	HashSHA = "sha"
 )
 
+// HashAlgorithms is a list of supported hashes
+var HashAlgorithms = []HashAlgorithm{
+	HashAPR1,
+	HashBCrypt,
+	HashSHA,
+}
+
 const (
 	// PasswordSeparator separates passwords from hashes
 	PasswordSeparator = ":"
@@ -75,6 +85,25 @@ func (hp HashedPasswords) SetPassword(name, password string, hashAlgorithm HashA
 	return nil
 }
 
+// VerifyPassword verify a password for a user with a hashing algo
+func (hp HashedPasswords) VerifyPassword(name, password string, hashAlgorithm HashAlgorithm) bool {
+	if len(password) == 0 {
+		return false
+	}
+	switch hashAlgorithm {
+	case HashAPR1:
+		err := apr1_crypt.New().Verify(hp[name], []byte(password))
+		return err == nil
+	case HashSHA:
+		return "{SHA}"+hashSha(password) == hp[name]
+	case HashBCrypt:
+		err := bcrypt.CompareHashAndPassword([]byte(hp[name]), []byte(password))
+		return err == nil
+	default:
+		return false
+	}
+}
+
 // ParseHtpasswdFile load a htpasswd file
 func ParseHtpasswdFile(file string) (passwords HashedPasswords, err error) {
 	htpasswdBytes, err := ioutil.ReadFile(file)

htpasswd_test.go

@@ -135,3 +135,12 @@ func TestHashing(t *testing.T) {
 		}
 	}
 }
+
+func TestVerify(t *testing.T) {
+	testHashes := getHashedPasswords()
+	for _, algo := range HashAlgorithms {
+		if !testHashes.VerifyPassword(string(algo), string(algo), algo) {
+			t.Error(algo, testHashes[string(algo)])
+		}
+	}
+}