根据这个
answer
,我应该保存我的
弦
bcrypt哈希密码,
passHash
作为一个
BINARY
或
BINARY(60)
(我选择
二进制(60)
)当它存储在mysql表中时(我将它存储在一个名为
帕沙什
)
现在,当我选择并检索它时
帕沙什
从我的表到Java的列值,现在是
byte[]
数据类型。
然后我怎么把它转换回它的
弦
窗体以便我可以使用
validateLogin()
方法如下:
//Validate username and password login
public boolean validateLogin(String username, String userpass)
{
boolean status = false;
PreparedStatement pst = null;
ResultSet rs = null;
User user = new User(); //This is my Java bean class
try(Connection connect= DBConnection.getConnection())
{
//Here, passHash is stored as VARBINARY(60)
pst = connect.prepareStatement("SELECT * FROM user WHERE username=? and passHash=?;");
pst.setString(1, username);
pst.setString(2, userpass);
//Here's where I'm having difficulty because `passHash` column in my user table is VARBINARY(60) while `userpass` is a String
rs = pst.executeQuery();
status = rs.next();
}
catch (SQLException e)
{
e.printStackTrace();
}
return status; //status will return `true` if `username` and `userpass` matches what's in the columns
}
参数
username
和
userpass
用于获取用户在我的
Login.jsp
形式:
String username = request.getParameter("username");
String userpass = request.getParameter("userpass");
编辑
:我的Bcrypt代码如下:
//returns a hashed String value
public static String bCrypt (String passPlain) {
return BCrypt.hashpw(passPlain, BCrypt.gensalt(10));
}
//Returns a true if plain password is a match with hashed password
public static Boolean isMatch(String passPlain, String passHash){
return (BCrypt.checkpw(passPlain, passHash));
}