From dcf4cb7cde4e355b29e1190ee8655f60e110109b Mon Sep 17 00:00:00 2001
From: Sean Enck <enckse@gmail.com>
Date: Tue, 10 Apr 2018 13:21:51 -0400
Subject: [PATCH] when entering/generating the password it's helpful to at
 least be asked to confirm the input so if you get something like an
 extraneous character, on confirmation, you could catch that

---
 oragono.go | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/oragono.go b/oragono.go
index 0ccc3ed2..0307f160 100644
--- a/oragono.go
+++ b/oragono.go
@@ -24,6 +24,15 @@ import (
 
 var commit = ""
 
+// get a password from stdin from the user
+func getPassword() string {
+	bytePassword, err := terminal.ReadPassword(int(syscall.Stdin))
+	if err != nil {
+		log.Fatal("Error reading password:", err.Error())
+	}
+	return string(bytePassword)
+}
+
 func main() {
 	version := irc.SemVer
 	usage := `oragono.
@@ -56,16 +65,18 @@ Options:
 
 	if arguments["genpasswd"].(bool) {
 		fmt.Print("Enter Password: ")
-		bytePassword, err := terminal.ReadPassword(int(syscall.Stdin))
-		if err != nil {
-			log.Fatal("Error reading password:", err.Error())
+		password := getPassword()
+		fmt.Print("\n")
+		fmt.Print("Reenter Password: ")
+		confirm := getPassword()
+		fmt.Print("\n")
+		if confirm != password {
+			log.Fatal("passwords do not match")
 		}
-		password := string(bytePassword)
 		encoded, err := passwd.GenerateEncodedPassword(password)
 		if err != nil {
 			log.Fatal("encoding error:", err.Error())
 		}
-		fmt.Print("\n")
 		fmt.Println(encoded)
 	} else if arguments["initdb"].(bool) {
 		irc.InitDB(config.Datastore.Path)