refactor: Remove duplicate IsPasswordHashed from auth package

The config package has a more robust IsPasswordHashed function that
handles truncated hashes. The auth package had a simpler duplicate
that was only used in tests. Removed the duplicate and its test
(already covered by config/config_utils_test.go).

Reduces deadcode findings from 7 to 6.
This commit is contained in:
rcourtman 2025-12-02 17:19:07 +00:00
parent 512f2135f4
commit ec6133afd8
2 changed files with 0 additions and 60 deletions

View file

@ -204,59 +204,6 @@ func TestCheckPasswordHash(t *testing.T) {
}
}
func TestIsPasswordHashed(t *testing.T) {
tests := []struct {
name string
input string
expected bool
}{
{
name: "valid bcrypt hash",
input: "$2a$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/X4.qGAL0kcNWQKS5.",
expected: true,
},
{
name: "bcrypt 2b variant",
input: "$2b$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/X4.qGAL0kcNWQKS5.",
expected: true,
},
{
name: "bcrypt 2y variant",
input: "$2y$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/X4.qGAL0kcNWQKS5.",
expected: true,
},
{
name: "plain password",
input: "mypassword",
expected: false,
},
{
name: "empty string",
input: "",
expected: false,
},
{
name: "wrong length",
input: "$2a$12$short",
expected: false,
},
{
name: "wrong prefix",
input: "$1a$12$LQv3c1yqBWVHxkd0LHAkCOYz6TtxMQJqhN8/X4.qGAL0kcNWQKS5.",
expected: false,
},
}
for _, tc := range tests {
t.Run(tc.name, func(t *testing.T) {
result := IsPasswordHashed(tc.input)
if result != tc.expected {
t.Errorf("IsPasswordHashed(%q) = %v, want %v", tc.input, result, tc.expected)
}
})
}
}
func TestValidatePasswordComplexity(t *testing.T) {
tests := []struct {
name string

View file

@ -2,7 +2,6 @@ package auth
import (
"fmt"
"strings"
"golang.org/x/crypto/bcrypt"
)
@ -32,12 +31,6 @@ func CheckPasswordHash(password, hash string) bool {
return err == nil
}
// IsPasswordHashed checks if a string looks like a bcrypt hash
func IsPasswordHashed(password string) bool {
// Bcrypt hashes start with $2a$, $2b$, or $2y$ and are 60 characters long
return strings.HasPrefix(password, "$2") && len(password) == 60
}
// ValidatePasswordComplexity checks if a password meets complexity requirements
func ValidatePasswordComplexity(password string) error {
if len(password) < MinPasswordLength {