PasswordVerify: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
|||
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
__NOTOC__ | __NOTOC__ | ||
{{Shared function}} | {{Shared function}} | ||
{{Note | {{Note|Using '''passwordHash''' is the recommended way of storing passwords.}} | ||
{{New feature/item|3.0154|1.5.4|11277| | {{New feature/item|3.0154|1.5.4|11277| | ||
This function verifies whether a password matches a password hash. | This function verifies whether a password matches a password hash. | ||
Line 16: | Line 16: | ||
===Optional Arguments=== | ===Optional Arguments=== | ||
{{New | {{New items|3.0156|1.5.6| | ||
*'''options:''' advanced options | *'''options:''' advanced options | ||
**'''insecureBcrypt:''' If set to ''true'', you can use the ''$2a$'' prefix for bcrypt hashes as well. '''It is strongly not recommended to use it though, because the underlying implementation has a bug that leads to such hashes being relatively easy to crack.''' This bug was fixed for ''$2y$''. | **'''insecureBcrypt:''' If set to ''true'', you can use the ''$2a$'' prefix for bcrypt hashes as well. '''It is strongly not recommended to use it though, because the underlying implementation has a bug that leads to such hashes being relatively easy to crack.''' This bug was fixed for ''$2y$''. | ||
}} | }} | ||
{{New | {{New items|3.0154|1.5.4| | ||
*'''callback:''' providing a callback will run this function asynchronously, the arguments to the callback are the same as the returned values below. | *'''callback:''' providing a callback will run this function asynchronously, the arguments to the callback are the same as the returned values below. | ||
}} | |11281}} | ||
===Returns=== | ===Returns=== |
Latest revision as of 11:29, 5 August 2021
This function verifies whether a password matches a password hash.
Syntax
bool passwordVerify ( string password, string hash [, table options, function callback ] )
Required Arguments
- password: The password to check.
- hash: A supported hash (see passwordHash). Note that only the prefix $2y$ is supported for type bcrypt (older prefixes can cause security issues).
Optional Arguments
- options: advanced options
- insecureBcrypt: If set to true, you can use the $2a$ prefix for bcrypt hashes as well. It is strongly not recommended to use it though, because the underlying implementation has a bug that leads to such hashes being relatively easy to crack. This bug was fixed for $2y$.
- callback: providing a callback will run this function asynchronously, the arguments to the callback are the same as the returned values below.
Returns
Returns true if the password matches the hash. Returns false if the password does not match, or if an unknown hash was passed. If a callback was provided, the aforementioned values are arguments to the callback, and this function will always return true.
Example
See passwordHash example.
See Also
- addDebugHook
- base64Decode
- base64Encode
- debugSleep
- decodeString
- encodeString
- fromJSON
- generateKeyPair
- getColorFromString
- getDevelopmentMode
- getDistanceBetweenPoints2D
- getDistanceBetweenPoints3D
- getEasingValue
- getNetworkStats
- getNetworkUsageData
- getPerformanceStats
- getRealTime
- getTickCount
- getTimerDetails
- getTimers
- getFPSLimit
- getUserdataType
- getVersion
- gettok
- isTransferBoxVisible
- setTransferBoxVisible
- hash
- inspect
- interpolateBetween
- iprint
- isOOPEnabled
- isTimer
- killTimer
- md5
- passwordHash
- passwordVerify
- pregFind
- pregMatch
- pregReplace
- removeDebugHook
- resetTimer
- setDevelopmentMode
- setFPSLimit
- setTimer
- ref
- deref
- sha256
- split
- teaDecode
- teaEncode
- toJSON
- tocolor
- getProcessMemoryStats
- utfChar
- utfCode
- utfLen
- utfSeek
- utfSub
- bitAnd
- bitNot
- bitOr
- bitXor
- bitTest
- bitLRotate
- bitRRotate
- bitLShift
- bitRShift
- bitArShift
- bitExtract
- bitReplace