package auth import "testing" func TestHashVerifyRoundTrip(t *testing.T) { h, err := HashPassword("s3cret-pw") if err != nil { t.Fatal(err) } if h == "s3cret-pw" || len(h) < 20 { t.Fatalf("bad hash %q", h) } ok, err := VerifyPassword(h, "s3cret-pw") if err != nil || !ok { t.Fatalf("verify failed: %v %v", ok, err) } bad, _ := VerifyPassword(h, "wrong") if bad { t.Fatal("wrong password must not verify") } } func TestHashNonDeterministic(t *testing.T) { a, _ := HashPassword("same") b, _ := HashPassword("same") if a == b { t.Fatal("salt must randomize hash") } }