Question

我正在Spring Hibernate MVC中处理Web应用程序项目。我在Spring安全性中使用Bcrypt算法将编码密码存储在数据库中。现在我想要解码该编码密码以停用使用帐户我在给用户电子邮件和密码的位置，以便在用户停用帐户之前进行验证。我在获取解码密码时遇到问题。任何人都可以帮我摆脱它或任何替代解决方案吗？

Answer 1

使用以下代码解决问题：

BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();  
encoder.matches(password, user.getPassword());

password - 来自表单（JSP）
user.getPassword() - 来自数据库

BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
if(email.equalsIgnoreCase(user.getEmail()) && encoder.matches(password, user.getPassword())) {
    userService.deactivateUserByID(user.getId());
    redirectAttributes.addFlashAttribute("successmsg", "Your account has been deactivated successfully.");
    model.setViewName("redirect:/logout");
}else{
    redirectAttributes.addFlashAttribute("errormsg", "Email or Password is incorrect");
    model.setViewName("redirect:/app/profile/deactivate");
}

Answer 2

           BCryptPasswordEncoder bcrypt= new BCryptPasswordEncoder();  
          boolean isPasswordMatches=bcrypt.matches(userenteredpasswordWithotEncryoted, encryptedPasswordFromDb);

Ex

     boolean isPasswordMatches= bcrypt.matches("Truck123", 
     "$2a$10$kcVH3Uy86nJgQtYqAFffZORT9wbNMuNtqytcUZQRX51dx6IfSFEd.");


   if(isPasswordMatches)   // correct password
      else  // Wrong Password

将Spring security中的Bcrypt编码密码解码为Deactivate User帐户

2 个答案: