问题描述
我正在将用户表从laravel应用程序迁移到ruby SSO服务器,并且我正在使用BCrypt来验证ruby中的密码.
I am migrating users table from a laravel application to a ruby SSO server, and I am using BCrypt to validate passwords in ruby.
我面临的问题是密码不匹配,因为laravel生成的哈希以$2y$10.....
开头,而我的BCrypt生成了哈希$2a$10....
The problem i am facing is that passwords do not match because the Hash generated by laravel starts with $2y$10.....
and my BCrypt generates a hash $2a$10....
两个哈希之间的版本不匹配.Ruby BCrypt显示版本为2a
,而不是laravel 2y
The versions between the two hashes do not match.Ruby BCrypt shows version 2a
, instead laravel 2y
我如何将它们带入相同版本,以便我可以像这样在ruby中进行用户身份验证?
How can i bring them on the same version so i can do user authentication in ruby like this?
BCrypt::Password.new(user.send(password_column.to_sym)) == @password
这应该返回true,但是返回false.
This should return true, but instead returns false.
BCrypt::Password.new('$2y$10$tKrgxXzN.naFD3r//yX9/O5uJmGRA9lzlcoPgK.F8REX.kx9xOesS') == "Test1111!"
推荐答案
PHP crypt
方法对bcrypt哈希条目使用非标准符号.您需要更正此问题:
The PHP crypt
method uses a non-standard notation for bcrypt-hashed entries. You need to correct this:
hash = '$2y$10$tKrgxXzN.naFD3r//yX9/O5uJmGRA9lzlcoPgK.F8REX.kx9xOesS'
BCrypt::Password.new(hash.sub(/\A\$2y/, '$2a')) == "Test1111!"
# => true
PHP的加密库中有一个错误,因此2y
代表固定版本.
There was a bug in PHP's crypto library so 2y
represents the fixed version.
这篇关于将用户表从Laravel迁移到Ruby并使用BCrypt解码密码不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!