Optional password transformation settings, encoded in another password string. Settings could include algorithm settings, salt, etc.
password transformation settings
Get the JSON helper for serializing/de-serializing JavaScript and Java types.
The password provided from the user to be transformed
The original request object. This can be used to access headers and parameters passed in the original request.
The Response object. Can be used to modify cookies in the response.
If a current hash of the password exists, this function should be used to compare the hash with the current password. If they match, then the already hashed password should be used as transformation result:
```
if (comparablePassword !== null && context.bcryptCheckPassword(providedPassword, comparablePassword)) {
return comparablePassword;
} else {
// Use context.bcryptHashPassword to generate a new hash.
} ```
true
if the passwords match. Always false
if comparablePassword is null
.
The provided password
The previously stored password to compare with
Hash a password using BCrypt. This should be used for new hashes when creating the password hash the first time.
A string with the hashed password
The password to hash
The salt using the BCrypt salting
Please use the Procedures API Documentation instead: https://curity.io/docs/idsvr/latest/developer-guide/scripting/index.html#scripting-guide
Please use the Procedures API Documentation instead: https://curity.io/docs/idsvr/latest/developer-guide/scripting/index.html#scripting-guide
a random salt for a BCrypt hash, with the given cost.
the the log2 of the number of rounds of hashing to apply - the work factor therefore increases as 2^log_rounds
.
a random salt for a BCrypt hash.
The original request object. This can be used to access headers and parameters passed in the original request.
The Response object. Can be used to modify cookies in the response.
Check if a password matches the hashed password. If they match, the transformation can return the already hashed password.
```
if (comparablePassword !== null && context.phpassCheckPassword(providedPassword, comparablePassword)) {
return comparablePassword;
} else {
// Use context.phpassHashPassword to generate a new hash.
}
```
true
if passwords match. Always false
if comparablePassword is null
.
The provided password
The stored password hash
Hash a password using Phpass.
A string with the hashed password
The password to hash
Hash a password using Phpass.
A string with the hashed password
The password to hash
The number of iterations to initialize phpass with
true if the provided password is the same as the comparable password. Always false if comparable password is null.
The provided password
A hashed password to compare with
Generates a libc6 crypt() compatible $5$
SHA2 based hash value.
The returned format is $5[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
.
Use generateRandomSaltSha256
to generate a random salt.
The hashed password
The provided password to hash
A formatted sha2 salt
Check if a provided password matches the stored password.
true
if the provided password is the same as the comparable password. Always false
if comparablePassword is null
.
The provided password
A hashed password to compare with
Generates a libc6 crypt() compatible $6$
SHA2 based hash value.
The returned format is $6[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
.
Use generateRandomSaltSha512
to generate a random salt.
The hashed password
The provided password to hash
A formatted sha2 salt
Context for credential-transformer procedures.