More a question rather then an issue on this package.

How does password verification works if we doesn't pass the salt to the verification function?
Every password has a random salt, and as I understand, hash function works like this: hash(password + salt).

But verification function takes only password as an argument, so as I understand it can't generate the same hash as original, because hash(password) and hash(password + salt) will differ. So how does verification function know what salt it should use to verify every specific password?