From 49b5910593400a1695bbb0a563f6a387fb703d1d Mon Sep 17 00:00:00 2001
From: Carlos Narro <carlos@relabtive.com>
Date: Sat, 30 May 2026 19:32:28 +0200
Subject: [PATCH] =?UTF-8?q?Add=20hashing=20y=20verificaci=C3=B3n=20de=20co?=
 =?UTF-8?q?ntrase=C3=B1a?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 mvp/b2c/src/lib/auth/password.ts    | 11 +++++++++++
 mvp/b2c/tests/auth/password.test.ts | 15 +++++++++++++++
 2 files changed, 26 insertions(+)
 create mode 100644 mvp/b2c/src/lib/auth/password.ts
 create mode 100644 mvp/b2c/tests/auth/password.test.ts

diff --git a/mvp/b2c/src/lib/auth/password.ts b/mvp/b2c/src/lib/auth/password.ts
new file mode 100644
index 0000000..1ea6a7a
--- /dev/null
+++ b/mvp/b2c/src/lib/auth/password.ts
@@ -0,0 +1,11 @@
+import bcrypt from 'bcryptjs';
+
+const SALT_ROUNDS = 10;
+
+export function hashPassword(plain: string): Promise<string> {
+  return bcrypt.hash(plain, SALT_ROUNDS);
+}
+
+export function verifyPassword(plain: string, hash: string): Promise<boolean> {
+  return bcrypt.compare(plain, hash);
+}
diff --git a/mvp/b2c/tests/auth/password.test.ts b/mvp/b2c/tests/auth/password.test.ts
new file mode 100644
index 0000000..1a3f52c
--- /dev/null
+++ b/mvp/b2c/tests/auth/password.test.ts
@@ -0,0 +1,15 @@
+import { describe, it, expect } from 'vitest';
+import { hashPassword, verifyPassword } from '@/lib/auth/password';
+
+describe('password', () => {
+  it('verifica una contraseña correcta contra su hash', async () => {
+    const hash = await hashPassword('Reforma2026!');
+    expect(hash).not.toBe('Reforma2026!');
+    expect(await verifyPassword('Reforma2026!', hash)).toBe(true);
+  });
+
+  it('rechaza una contraseña incorrecta', async () => {
+    const hash = await hashPassword('Reforma2026!');
+    expect(await verifyPassword('otra', hash)).toBe(false);
+  });
+});