verifyPasswordHash
verifyPasswordHash* ( password : string , hash : string ) : boolean
Parameter | Type | Description | |
---|---|---|---|
password | string | → | The user's password. Only the first 72 characters are used. |
hash | object | → | A password hash. |
Result | boolean | ← | Returns TRUE if the password and hash match, otherwise returns FALSE. |
Description
The verifyPasswordHash
function verifies that the given hash matches the given password.
This function compares password to a hash generated by generatePasswordHash
function.
Error management
The following errors may be returned. You can review an error with the onErrCall
command.
Number | Message |
---|---|
850 | Password-hash: Unsupported algorithm. |
851 | Password-hash: Consistency check failure. |
Only bcrypt algorithm is supported. If your hash was not generated using bcrypt, an error is returned.
Example
This example verifies a password hash previously created by generatePasswordHash
and stored in a Users table with a newly entered password:
declare(password : string , userId : integer)
var result : string
if(verifyPasswordHash(password,ds.Users.get(userId).hash))
result = "Good password"
else
result = "Password error"
end
The password is never stored on disk, only the hash. Using a remote application, the hash could be produced on the client side. If instead, you use a JavaScript (or similar) based front end, the best practice for security is to create the hash on the server side. Of course, you should use a TLS encrypted network connection for security, as this requires transferring the password over the network.