use byteutil.S2B to avoid allocations when comparing + generating password hashes

internal/api/client/accounts/accountdelete.go

@@ -21,6 +21,7 @@ import (
 	"errors"
 	"net/http"
 
+	"codeberg.org/gruf/go-byteutil"
 	"github.com/gin-gonic/gin"
 	apimodel "github.com/superseriousbusiness/gotosocial/internal/api/model"
 	apiutil "github.com/superseriousbusiness/gotosocial/internal/api/util"
@@ -87,7 +88,10 @@ func (m *Module) AccountDeletePOSTHandler(c *gin.Context) {
 		return
 	}
 
-	if err := bcrypt.CompareHashAndPassword([]byte(authed.User.EncryptedPassword), []byte(form.Password)); err != nil {
+	if err := bcrypt.CompareHashAndPassword(
+		byteutil.S2B(authed.User.EncryptedPassword),
+		byteutil.S2B(form.Password),
+	); err != nil {
 		err = errors.New("invalid password provided in account delete request")
 		apiutil.ErrorHandler(c, gtserror.NewErrorForbidden(err, err.Error()), m.processor.InstanceGetV1)
 		return

internal/api/client/user/passwordchange_test.go

@@ -23,6 +23,7 @@ import (
 	"net/http"
 	"testing"
 
+	"codeberg.org/gruf/go-byteutil"
 	"github.com/stretchr/testify/suite"
 	"github.com/superseriousbusiness/gotosocial/internal/api/client/user"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
@@ -50,11 +51,17 @@ func (suite *PasswordChangeTestSuite) TestPasswordChangePOST() {
 	}
 
 	// new password should pass
-	err = bcrypt.CompareHashAndPassword([]byte(dbUser.EncryptedPassword), []byte("peepeepoopoopassword"))
+	err = bcrypt.CompareHashAndPassword(
+		byteutil.S2B(dbUser.EncryptedPassword),
+		byteutil.S2B("peepeepoopoopassword"),
+	)
 	suite.NoError(err)
 
 	// old password should fail
-	err = bcrypt.CompareHashAndPassword([]byte(dbUser.EncryptedPassword), []byte("password"))
+	err = bcrypt.CompareHashAndPassword(
+		byteutil.S2B(dbUser.EncryptedPassword),
+		byteutil.S2B("password"),
+	)
 	suite.EqualError(err, "crypto/bcrypt: hashedPassword is not the hash of the given password")
 }