Decode the Bcrypt encoded password in Spring Security to deactivate user account
我正在Spring Hibernate MVC中从事Web应用程序项目。 我正在Spring安全中使用Bcrypt算法将编码的密码存储在数据库中。
现在,我想获取编码后的密码以进行解码,以停用使用帐户,在该帐户中,我将提供用户电子邮件和密码,以在用户停用帐户之前进行验证。 我在获取解码后的密码时遇到问题。
谁能帮助我摆脱困境或提供其他替代解决方案?
通过使用以下代码可以解决该问题:
1 2 | BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); encoder.matches(password, user.getPassword()); |
1 2 3 4 5 6 7 8 9 | BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(); if(email.equalsIgnoreCase(user.getEmail()) && encoder.matches(password, user.getPassword())) { userService.deactivateUserByID(user.getId()); redirectAttributes.addFlashAttribute("successmsg","Your account has been deactivated successfully."); model.setViewName("redirect:/logout"); }else{ redirectAttributes.addFlashAttribute("errormsg","Email or Password is incorrect"); model.setViewName("redirect:/app/profile/deactivate"); } |
1 2 | BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder(); boolean isPasswordMatches = bcrypt.matches(userenteredpasswordWithotEncryoted, encryptedPasswordFromDb); |
例:
1 2 3 4 5 6 7 8 9 10 11 | boolean isPasswordMatches = bcrypt.matches( "Truck123", "$2a$10$kcVH3Uy86nJgQtYqAFffZORT9wbNMuNtqytcUZQRX51dx6IfSFEd." ); if (isPasswordMatches) { // correct password ... } else { // Wrong Password ... } |