password_test.go
31 lines1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
package security
import "testing"
func TestHashPassword_CheckPassword(t *testing.T) {
hash, err := HashPassword("mypassword")
if err != nil {
t.Fatal(err)
}
if hash == "" {
t.Fatal("expected non-empty hash")
}
if hash == "mypassword" {
t.Fatal("hash should not equal plaintext")
}
if !CheckPassword(hash, "mypassword") {
t.Error("expected password to match")
}
if CheckPassword(hash, "wrongpassword") {
t.Error("expected wrong password to not match")
}
}
func TestHashPassword_UniqueHashes(t *testing.T) {
h1, _ := HashPassword("same")
h2, _ := HashPassword("same")
if h1 == h2 {
t.Error("expected different hashes for same password (bcrypt uses random salt)")
}
}