7 files changed, 11 insertions, 73 deletions
diff --git a/src/user/app.rs b/src/user/app.rs
index 2ab356f..5f58981 100644
--- a/src/user/app.rs
+++ b/src/user/app.rs
@@ -1,10 +1,10 @@
 use sqlx::sqlite::SqlitePool;
 
 use super::{
-    Password, User,
+    User,
     create::{self, Create},
 };
-use crate::{clock::DateTime, event::Broadcaster, name::Name};
+use crate::{clock::DateTime, event::Broadcaster, name::Name, password::Password};
 
 pub struct Users<'a> {
     db: &'a SqlitePool,
diff --git a/src/user/create.rs b/src/user/create.rs
index da94685..0e7a118 100644
--- a/src/user/create.rs
+++ b/src/user/create.rs
@@ -1,10 +1,11 @@
 use sqlx::{Transaction, sqlite::Sqlite};
 
-use super::{History, Password, password::StoredHash, repo::Provider as _, validate};
+use super::{History, repo::Provider as _, validate};
 use crate::{
     clock::DateTime,
     event::{Broadcaster, Event, repo::Provider as _},
     name::Name,
+    password::{Password, StoredHash},
 };
 
 #[must_use = "dropping a user creation attempt is likely a mistake"]
diff --git a/src/user/handlers/login/mod.rs b/src/user/handlers/login/mod.rs
index e80377e..da88885 100644
--- a/src/user/handlers/login/mod.rs
+++ b/src/user/handlers/login/mod.rs
@@ -9,8 +9,9 @@ use crate::{
     clock::RequestedAt,
     error::Internal,
     name::Name,
+    password::Password,
     token::{app, extract::IdentityCookie},
-    user::{Password, User},
+    user::User,
 };
 
 #[cfg(test)]
diff --git a/src/user/handlers/password/mod.rs b/src/user/handlers/password/mod.rs
index 9158325..c327e87 100644
--- a/src/user/handlers/password/mod.rs
+++ b/src/user/handlers/password/mod.rs
@@ -8,11 +8,12 @@ use crate::{
     app::App,
     clock::RequestedAt,
     error::Internal,
+    password::Password,
     token::{
         app,
         extract::{Identity, IdentityCookie},
     },
-    user::{Password, User},
+    user::User,
 };
 
 #[cfg(test)]
diff --git a/src/user/mod.rs b/src/user/mod.rs
index 44e1633..60ec209 100644
--- a/src/user/mod.rs
+++ b/src/user/mod.rs
@@ -5,9 +5,8 @@ pub mod event;
 pub mod handlers;
 mod history;
 mod id;
-pub mod password;
 pub mod repo;
 mod snapshot;
 mod validate;
 
-pub use self::{event::Event, history::History, id::Id, password::Password, snapshot::User};
+pub use self::{event::Event, history::History, id::Id, snapshot::User};
diff --git a/src/user/password.rs b/src/user/password.rs
deleted file mode 100644
index e1d164e..0000000
--- a/src/user/password.rs
+++ /dev/null
@@ -1,65 +0,0 @@
-use std::fmt;
-
-use argon2::Argon2;
-use password_hash::{PasswordHash, PasswordHasher, PasswordVerifier, SaltString};
-use rand_core::OsRng;
-
-use crate::normalize::nfc;
-
-#[derive(sqlx::Type)]
-#[sqlx(transparent)]
-pub struct StoredHash(String);
-
-impl StoredHash {
-    pub fn verify(&self, password: &Password) -> Result<bool, password_hash::Error> {
-        let hash = PasswordHash::new(&self.0)?;
-
-        match Argon2::default().verify_password(password.as_bytes(), &hash) {
-            // Successful authentication, not an error
-            Ok(()) => Ok(true),
-            // Unsuccessful authentication, also not an error
-            Err(password_hash::errors::Error::Password) => Ok(false),
-            // Password validation failed for some other reason, treat as an error
-            Err(err) => Err(err),
-        }
-    }
-}
-
-impl fmt::Debug for StoredHash {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        f.debug_tuple("StoredHash").field(&"********").finish()
-    }
-}
-
-#[derive(Clone, serde::Deserialize)]
-#[serde(transparent)]
-pub struct Password(nfc::String);
-
-impl Password {
-    pub fn hash(&self) -> Result<StoredHash, password_hash::Error> {
-        let Self(password) = self;
-        let salt = SaltString::generate(&mut OsRng);
-        let argon2 = Argon2::default();
-        let hash = argon2
-            .hash_password(password.as_bytes(), &salt)?
-            .to_string();
-        Ok(StoredHash(hash))
-    }
-
-    fn as_bytes(&self) -> &[u8] {
-        let Self(value) = self;
-        value.as_bytes()
-    }
-}
-
-impl fmt::Debug for Password {
-    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
-        f.debug_tuple("Password").field(&"********").finish()
-    }
-}
-
-impl From<String> for Password {
-    fn from(password: String) -> Self {
-        Password(password.into())
-    }
-}
diff --git a/src/user/repo.rs b/src/user/repo.rs
index 83a1471..0f67e9a 100644
--- a/src/user/repo.rs
+++ b/src/user/repo.rs
@@ -5,7 +5,8 @@ use crate::{
     clock::DateTime,
     event::{Instant, Sequence},
     name::{self, Name},
-    user::{History, Id, User, password::StoredHash},
+    password::StoredHash,
+    user::{History, Id, User},
 };
 
 pub trait Provider {