问题描述

我正在将用户表从laravel应用程序迁移到ruby SSO服务器，并且我正在使用BCrypt来验证ruby中的密码.

I am migrating users table from a laravel application to a ruby SSO server, and I am using BCrypt to validate passwords in ruby.

我面临的问题是密码不匹配，因为laravel生成的哈希以$2y$10.....开头，而我的BCrypt生成了哈希$2a$10....

The problem i am facing is that passwords do not match because the Hash generated by laravel starts with $2y$10..... and my BCrypt generates a hash $2a$10....

两个哈希之间的版本不匹配.Ruby BCrypt显示版本为2a，而不是laravel 2y

The versions between the two hashes do not match.Ruby BCrypt shows version 2a, instead laravel 2y

我如何将它们带入相同版本，以便我可以像这样在ruby中进行用户身份验证?

How can i bring them on the same version so i can do user authentication in ruby like this?

BCrypt::Password.new(user.send(password_column.to_sym)) == @password

这应该返回true，但是返回false.

This should return true, but instead returns false.

BCrypt::Password.new('$2y$10$tKrgxXzN.naFD3r//yX9/O5uJmGRA9lzlcoPgK.F8REX.kx9xOesS') == "Test1111!"

推荐答案

PHP crypt方法对bcrypt哈希条目使用非标准符号.您需要更正此问题:

The PHP crypt method uses a non-standard notation for bcrypt-hashed entries. You need to correct this:

hash = '$2y$10$tKrgxXzN.naFD3r//yX9/O5uJmGRA9lzlcoPgK.F8REX.kx9xOesS'
BCrypt::Password.new(hash.sub(/\A\$2y/, '$2a')) ==  "Test1111!"
# => true

PHP的加密库中有一个错误，因此2y代表固定版本.

There was a bug in PHP's crypto library so 2y represents the fixed version.

这篇关于将用户表从Laravel迁移到Ruby并使用BCrypt解码密码不起作用的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！