哈希器在环回中为相同的密码生成不同的哈希值?
Hasher generating different hashes for same password in loopback?
我正在使用环回哈希器作为
import { PasswordHasher } from './hash.password.bcryptjs';
这有一个函数生成散列
credentials.password = await this.passwordHasher.hashPassword(credentials.password);
我将输入作为 pass@1010 用于生成散列的密码,但它生成不同的散列,每个 time.But 相同字符串的散列应该相同。
class
代码
import { genSalt, hash } from 'bcryptjs';
import { compare } from 'bcryptjs';
import { inject } from '@loopback/core';
import { PasswordHasherBindings } from '../keys';
/**
* Service HashPassword using module 'bcryptjs'.
* It takes in a plain password, generates a salt with given
* round and returns the hashed password as a string
*/
export type HashPassword = (
password: string,
rounds: number,
) => Promise<string>;
// bind function to `services.bcryptjs.HashPassword`
export async function hashPassword(
password: string,
rounds: number,
): Promise<string> {
const salt = await genSalt(rounds);
return await hash(password, salt);
}
export interface PasswordHasher<T = string> {
hashPassword(password: T): Promise<T>;
comparePassword(providedPass: T, storedPass: T): Promise<boolean>;
}
export class BcryptHasher implements PasswordHasher<string> {
constructor(
@inject(PasswordHasherBindings.ROUNDS)
private readonly rounds: number,
) { }
async hashPassword(password: string): Promise<string> {
const salt = await genSalt(10);
return await hash(password, salt);
}
async comparePassword(
providedPass: string,
storedPass: string,
): Promise<boolean> {
const passwordIsMatched = await compare(providedPass, storedPass);
return passwordIsMatched;
}
}
问题是您对每个散列使用了新的盐。如果你想获得稳定的哈希,你需要生成一次盐然后在下一轮重新使用它。
我正在使用环回哈希器作为
import { PasswordHasher } from './hash.password.bcryptjs';
这有一个函数生成散列
credentials.password = await this.passwordHasher.hashPassword(credentials.password);
我将输入作为 pass@1010 用于生成散列的密码,但它生成不同的散列,每个 time.But 相同字符串的散列应该相同。
class
代码import { genSalt, hash } from 'bcryptjs';
import { compare } from 'bcryptjs';
import { inject } from '@loopback/core';
import { PasswordHasherBindings } from '../keys';
/**
* Service HashPassword using module 'bcryptjs'.
* It takes in a plain password, generates a salt with given
* round and returns the hashed password as a string
*/
export type HashPassword = (
password: string,
rounds: number,
) => Promise<string>;
// bind function to `services.bcryptjs.HashPassword`
export async function hashPassword(
password: string,
rounds: number,
): Promise<string> {
const salt = await genSalt(rounds);
return await hash(password, salt);
}
export interface PasswordHasher<T = string> {
hashPassword(password: T): Promise<T>;
comparePassword(providedPass: T, storedPass: T): Promise<boolean>;
}
export class BcryptHasher implements PasswordHasher<string> {
constructor(
@inject(PasswordHasherBindings.ROUNDS)
private readonly rounds: number,
) { }
async hashPassword(password: string): Promise<string> {
const salt = await genSalt(10);
return await hash(password, salt);
}
async comparePassword(
providedPass: string,
storedPass: string,
): Promise<boolean> {
const passwordIsMatched = await compare(providedPass, storedPass);
return passwordIsMatched;
}
}
问题是您对每个散列使用了新的盐。如果你想获得稳定的哈希,你需要生成一次盐然后在下一轮重新使用它。