lib/ash_authentication/hash_provider.ex

Select File:

lib/ash_authentication/hash_provider.ex

defmodule AshAuthentication.HashProvider do
  @moduledoc """
  A behaviour providing password hashing.
  """

  @doc """
  Given some user input as a string, convert it into it's hashed form.
  """
  @callback hash(input :: String.t()) :: {:ok, hash :: String.t()} | :error

  @doc """
  Check if the user input matches the hash.
  """
  @callback valid?(input :: String.t(), hash :: String.t()) :: boolean()

  @doc """
  Attempt to defeat timing attacks by simulating a password hash check.

  See [Bcrypt.no_user_verify/1](https://hexdocs.pm/bcrypt_elixir/Bcrypt.html#no_user_verify/1) for more information.
  """
  @callback simulate :: false
end