verifyPasswordHash
verifyPasswordHash ( password : string , hash : string ) : boolean
| Parameter | Type | | Description |
|---|---|---|---|
| password | string | → | The user's password. Only the first 72 characters are used. |
| hash | object | → | A password hash. |
| Result | boolean | ← | Returns TRUE if the password and hash match, otherwise returns FALSE. |
Description
The verifyPasswordHash function verifies that the given hash matches the given password.
It compares password to a hash generated by the generatePasswordHash function.
Error management
The following errors may be returned. You can review an error with the onErrCall command.
| Number | Message |
|---|---|
| 850 | Password-hash: Unsupported algorithm. |
| 851 | Password-hash: Consistency check failure. |
Only the bcrypt algorithm is supported. If your hash was not generated using bcrypt, an error is returned.
Example
This example checks a newly entered password against a hash previously created by generatePasswordHash and stored in a Users table:

```
declare(password : string , userId : integer)
var result : string

// Compare the entered password with the bcrypt hash stored for this user
if(verifyPasswordHash(password,ds.Users.get(userId).hash))
	result = "Good password"
else
	result = "Password error"
end
```
The password is never stored on disk, only the hash. With a remote application, the hash could be produced on the client side. If you instead use a JavaScript (or similar) based front end, the best practice for security is to create the hash on the server side. Because this requires transferring the password over the network, you should use a TLS-encrypted connection.
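The bcrypt-only rule and the 72-character limit described above can be checked before verifyPasswordHash is ever called. The following Python pre-check is an added example, not part of this documentation: it classifies exported hash values by shape and flags passwords that bcrypt would truncate. The accepted `$2a/$2b/$2x/$2y` prefixes, the `MIN_COST` policy floor, the function names and the sample rows are assumptions constructed for illustration.

```python
import re

# bcrypt modular crypt format: $2<variant>$<2-digit cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(r"\$2[abxy]\$(\d{2})\$[./A-Za-z0-9]{22}[./A-Za-z0-9]{31}")
BCRYPT_INPUT_LIMIT = 72  # the page: only the first 72 characters are used
MIN_COST = 10            # assumed local policy floor, not a value from the page


def classify_hash(stored):
    """Return 'ok', 'weak-cost', 'malformed-bcrypt' or 'not-bcrypt'."""
    if not isinstance(stored, str) or not stored.startswith("$2"):
        return "not-bcrypt"
    match = BCRYPT_RE.fullmatch(stored)
    if match is None:
        return "malformed-bcrypt"   # e.g. value cut short by a narrow column
    cost = int(match.group(1))
    if not 4 <= cost <= 31:         # cost range defined by bcrypt itself
        return "malformed-bcrypt"
    return "ok" if cost >= MIN_COST else "weak-cost"


def is_truncated(password):
    """True when part of the password would be ignored by bcrypt."""
    # Conservative: bcrypt implementations commonly count bytes, so multi-byte
    # characters can reach the limit before 72 characters are typed.
    return len(password.encode("utf-8")) > BCRYPT_INPUT_LIMIT


def audit(rows):
    """Map user id -> finding for every stored hash that is not 'ok'."""
    findings = {}
    for user_id, stored in rows:
        verdict = classify_hash(stored)
        if verdict != "ok":
            findings[user_id] = verdict
    return findings


# Constructed sample rows: placeholders with the right shape, not real hashes.
SAMPLE_ROWS = [
    (1, "$2b$10$" + "A" * 22 + "B" * 31),  # well-formed bcrypt, cost 10
    (2, "$2a$04$" + "A" * 22 + "B" * 31),  # well-formed, cost below policy
    (3, "$2b$10$" + "A" * 22 + "B" * 20),  # digest cut short
    (4, "ab" * 16),                        # 32 hex characters: not bcrypt
]

if __name__ == "__main__":
    print(audit(SAMPLE_ROWS))
```

Rows reported as `not-bcrypt` or `malformed-bcrypt` need a reset or rehash path, and a password for which `is_truncated` returns true should be rejected or shortened at entry so that two long passwords sharing a prefix are not treated as equal.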