Skip to main content
Version: Next

verifyPasswordHash

verifyPasswordHash ( password : string , hash : string ) : boolean

ParameterTypeDescription
passwordstringThe user's password. Only the first 72 characters are used.
hashobjectA password hash.
ResultbooleanReturns TRUE if the password and hash match, otherwise returns FALSE.

Description

The verifyPasswordHash function verifies that the given hash matches the given password.

This function compares password to a hash generated by generatePasswordHash function.

Error management

The following errors may be returned. You can review an error with the onErrCall command.

NumberMessage
850Password-hash: Unsupported algorithm.
851Password-hash: Consistency check failure.
Reminder

Only bcrypt algorithm is supported. If your hash was not generated using bcrypt, an error is returned.

Example

This example verifies a password hash previously created by generatePasswordHash and stored in a Users table with a newly entered password:

 declare(password : string , userId : integer)
var result : string

if(verifyPasswordHash(password,ds.Users.get(userId).hash))
result = "Good password"
else
result = "Password error"
end

note

The password is never stored on disk, only the hash. Using a remote application, the hash could be produced on the client side. If instead, you use a JavaScript (or similar) based front end, the best practice for security is to create the hash on the server side. Of course, you should use a TLS encrypted network connection for security, as this requires transferring the password over the network.

See also

generatePasswordHash