I have found out how to hash someone's password and persist it in the database with Spring MVC:
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String pw = passwordEncoder.encode("test");
Now the question is: how can I verify the password coming from the request to let the user log in to my web app? After some research I saw that there are a lot of ways to do this. Some solutions work with user roles.
What my web app should do is offer my users a login page where they can register (here I would persist the password with the code shown above). After registering they should be able to log in, which means I need to verify the password from the login form. Is there any state-of-the-art example out there?
This is how a raw password can be matched to an encoded one:
passwordEncoder.matches("rawPassword", user.getPassword());
But as others say, coding Security on your own is cumbersome, and so I'd recommend using Spring Security instead. Yes, it does take effort to learn, but you can find good tutorials on it. Here is a unique tutorial on it (disclaimer: I'm the author).
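The register-then-login flow from the question, built on the encode() and matches() calls shown above, as an added example that is not part of the original question or answer. AccountService, its in-memory map and the sample account are hypothetical stand-ins for the application's own service and user table; only the spring-security-crypto classes are real.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

// Added example: AccountService and the map are hypothetical stand-ins
// for the application's own service and database table.
public class AccountService {
    private final PasswordEncoder encoder = new BCryptPasswordEncoder();
    // username -> BCrypt hash; the raw password is never stored
    private final Map<String, String> hashes = new ConcurrentHashMap<>();
    // Hash of a throwaway value, compared against when the user does not exist
    // so that both failure paths cost one BCrypt computation.
    private final String dummyHash = encoder.encode("placeholder-not-a-real-password");

    /** Registration: store only the encoded password. Returns false if the name is taken. */
    public boolean register(String username, CharSequence rawPassword) {
        if (username == null || rawPassword == null || rawPassword.length() == 0) {
            return false;
        }
        return hashes.putIfAbsent(username, encoder.encode(rawPassword)) == null;
    }

    /** Login: compare the submitted raw password with the stored hash. */
    public boolean login(String username, CharSequence rawPassword) {
        if (username == null || rawPassword == null) {
            return false;
        }
        String stored = hashes.get(username);
        if (stored == null) {
            encoder.matches(rawPassword, dummyHash); // result ignored on purpose
            return false;
        }
        // matches() reads the salt and cost from the stored hash and re-hashes
        // the raw input; calling encode() again and comparing strings would
        // fail because every encode() call uses a fresh random salt.
        return encoder.matches(rawPassword, stored);
    }

    public static void main(String[] args) {
        AccountService svc = new AccountService();
        System.out.println(svc.register("alice", "test")); // constructed sample account
        System.out.println(svc.login("alice", "test"));
        System.out.println(svc.login("alice", "wrong"));
        System.out.println(svc.login("nobody", "test"));
    }
}
```

The caller should return the same generic failure message for a wrong password and an unknown user, so the login form does not reveal which usernames exist.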