Decode the Bcrypt encoded password in Spring Security to deactivate user account

前端 未结 2 814
野趣味
野趣味 2021-02-01 18:05

I am working on web application project in Spring Hibernate MVC. I am storing encoded passwords in a database using Bcrypt algorithm in Spring security.

Now I want to get

相关标签:
2条回答
  • 2021-02-01 18:25

    The problem is solved by using below code:

    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();  
    encoder.matches(password, user.getPassword());  
    

    password - from form(JSP)
    user.getPassword() - from database

    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
    if(email.equalsIgnoreCase(user.getEmail()) && encoder.matches(password, user.getPassword())) {
        userService.deactivateUserByID(user.getId());
        redirectAttributes.addFlashAttribute("successmsg", "Your account has been deactivated successfully.");
        model.setViewName("redirect:/logout");
    }else{
        redirectAttributes.addFlashAttribute("errormsg", "Email or Password is incorrect");
        model.setViewName("redirect:/app/profile/deactivate");
    }
    
    0 讨论(0)
  • 2021-02-01 18:29
    BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder();  
    boolean isPasswordMatches = bcrypt.matches(userenteredpasswordWithotEncryoted, encryptedPasswordFromDb);
    

    Example:

    boolean isPasswordMatches = bcrypt.matches(
            "Truck123",
            "$2a$10$kcVH3Uy86nJgQtYqAFffZORT9wbNMuNtqytcUZQRX51dx6IfSFEd."
    );
    
    
    if (isPasswordMatches) { // correct password
        ...
    } else { // Wrong Password
        ...
    }
    
    0 讨论(0)
提交回复
热议问题