
Decode the Bcrypt encoded password in Spring Security to deactivate user account

Tags: bcrypt, jbcrypt

I am working on a web application project in Spring Hibernate MVC. I am storing encoded passwords in a database using the Bcrypt algorithm in Spring Security.

Now I want to decode that encoded password in order to deactivate a user account, wherein I am giving the user's email and password to verify before the user deactivates the account. I have a problem getting the decoded password.

Can anyone help me with this, or suggest an alternate solution for my requirement?

arch asked Nov 13 '14 09:11




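1 Answer

The problem is solved by using the code below:

    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
    // Compares the raw password against the stored hash; nothing is decoded.
    encoder.matches(password, user.getPassword());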

password - from form(JSP)
user.getPassword() - from database

    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
    // Verify both the email and the submitted password before deactivating.
    if (email.equalsIgnoreCase(user.getEmail()) && encoder.matches(password, user.getPassword())) {
        userService.deactivateUserByID(user.getId());
        redirectAttributes.addFlashAttribute("successmsg", "Your account has been deactivated successfully.");
        model.setViewName("redirect:/logout");
    } else {
        // Same message for either failure, so the response does not reveal which field was wrong.
        redirectAttributes.addFlashAttribute("errormsg", "Email or Password is incorrect");
        model.setViewName("redirect:/app/profile/deactivate");
    }

arch answered Sep 22 '22 16:09
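Why `matches()` is the right call here, shown as an added example that is not part of the original answer: the stored bcrypt string carries its own cost and salt, so encoding the same password twice gives two different strings, and verification has to re-derive the hash from the stored value instead of decoding it or comparing fresh encodings. The class name `BcryptVerifyDemo`, the helper `parts`, and the sample password are constructed for illustration; the code assumes `spring-security-crypto` is on the classpath.

```java
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

public class BcryptVerifyDemo {

    // Split a bcrypt string "$2a$10$<22-char salt><31-char hash>" into
    // version, cost, salt and hash. (Hypothetical helper, for display only.)
    static String[] parts(String bcrypt) {
        String[] f = bcrypt.split("\\$");   // ["", version, cost, salt+hash]
        return new String[] { f[1], f[2], f[3].substring(0, 22), f[3].substring(22) };
    }

    public static void main(String[] args) {
        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
        String submitted = "correct horse battery staple"; // constructed sample input

        // What would be saved at registration time.
        String stored = encoder.encode(submitted);
        // Same password encoded again: a new random salt is drawn on every call.
        String again = encoder.encode(submitted);

        String[] s = parts(stored);
        String[] a = parts(again);
        System.out.println("stored: version=" + s[0] + " cost=" + s[1] + " salt=" + s[2]);
        System.out.println("again:  version=" + a[0] + " cost=" + a[1] + " salt=" + a[2]);

        // Comparing a fresh encoding with the stored one is not a valid check,
        // because the salts (and therefore the hashes) differ.
        System.out.println("encode(pw).equals(stored): " + stored.equals(again));

        // matches() reads the cost and salt out of the stored string, hashes the
        // submitted password with them, and compares the result.
        System.out.println("matches(correct, stored):  " + encoder.matches(submitted, stored));
        System.out.println("matches(wrong, stored):    " + encoder.matches("guess", stored));
    }
}
```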