Getting basics down

internal/darkstorm_backend/README.md

@@ -28,7 +28,11 @@ This is a purposefully "simple" application backend made specifically for _my_ a
   username: "username",
   password: "hashed password",
   salt: "password salt",
+  email: "email",
   passwordChange: 0, // unix timestamp of last password change
+  perm: {
+    appID: "user", // Optional. Apps should have a default permission level if thier appID is not in perm.
+  }
 }
 ```
 

internal/darkstorm_backend/app.go

@@ -1,3 +1,11 @@
 package darkstorm
 
-type App interface{}
+type App interface {
+	//TODO
+}
+
+type CrashApp interface {
+	App
+	AddCrash(CrashReport)
+	// TODO
+}

internal/darkstorm_backend/crash.go

@@ -0,0 +1,4 @@
+package darkstorm
+
+type CrashReport struct{}
+

internal/darkstorm_backend/darkstorm_test.go

@@ -0,0 +1 @@
+package darkstorm

internal/darkstorm_backend/user.go

@@ -0,0 +1,62 @@
+package darkstorm
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+
+	"github.com/google/uuid"
+	"golang.org/x/crypto/argon2"
+)
+
+func generateSalt() (string, error) {
+	out := make([]byte, 16)
+	_, err := rand.Read(out)
+	return base64.RawStdEncoding.EncodeToString(out), err
+}
+
+type User struct {
+	Perm           map[string]string
+	ID             string
+	Username       string
+	Password       string
+	Salt           string
+	Email          string
+	PasswordChange uint64
+}
+
+func NewUser(username, password, email string) (*User, error) {
+	id, err := uuid.NewV7()
+	if err != nil {
+		return nil, err
+	}
+	salt, err := generateSalt()
+	if err != nil {
+		return nil, err
+	}
+	out := &User{
+		Perm:     make(map[string]string),
+		ID:       id.String(),
+		Username: username,
+		Salt:     salt,
+		Email:    email,
+	}
+	out.Password, err = out.HashPassword(password)
+	return out, err
+}
+
+func (u *User) HashPassword(password string) (string, error) {
+	salt, err := base64.RawStdEncoding.DecodeString(u.Salt)
+	if err != nil {
+		return "", err
+	}
+	res := argon2.IDKey([]byte(password), salt, 1, 64*1024, 4, 32)
+	return base64.RawStdEncoding.EncodeToString(res), nil
+}
+
+func (u *User) ValidatePassword(password string) (bool, error) {
+	hsh, err := u.HashPassword(password)
+	if err != nil {
+		return false, err
+	}
+	return hsh == u.Password, nil
+}