package store

import (
	"golang.org/x/crypto/bcrypt"
)

// HashPassword turns a plaintext password into a crypt()ed string, using bcrypt
func HashPassword(password string) (string, error) {
	b, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)

	return string(b), err
}

func CheckPassword(hashed, plain string) bool {
	return bcrypt.CompareHashAndPassword([]byte(hashed), []byte(plain)) == nil
}

// Account is stored in the database as domains/<domain>/accounts/<id>/config
type Account struct {
	// The username is typically user@example.com - the user is required to
	// enter it *exactly* to log in.
	Username string `storm:"id"`

	// Whether the user is an admin or not. Typically, only postmaster@example.com
	// is an admin, but others may be set up too if desired.
	Admin bool

	// Wildcard users are last-resort destinations for incoming mail. A domain
	// should only have one of them.
	Wildcard bool `storm:"index"`

	// As generated by HashPassword
	PasswordHash string
}