英文:
crypto/bcrypt: hashedPassword is not the hash of the given password
问题
我加密用户的密码并保存到数据库中。然后在用户登录时,我比较哈希密码和明文密码,但是我得到了crypto/bcrypt: hashedPassword is not the hash of the given password错误。有什么问题吗?
func encryptPassword(password string) (string, error) {
bytePass := []byte(password)
hashedPassword, err := bcrypt.GenerateFromPassword(bytePass, bcrypt.DefaultCost)
if err != nil {
log.Printf("ERROR:EncryptPassword: %s", err.Error())
}
return string(hashedPassword), err
}
func (i *Impl) Register(user User) bool {
hashedPass, err := encryptPassword(user.Password)
if err != nil {
return false
}
user.Password = hashedPass
if err := i.DB.Create(&user).Error; err != nil {
log.Printf("ERROR:Register: %s", err.Error())
return false
}
return true
}
func (i *Impl) Login(email string, password string) (User, error) {
var user User
i.DB.Where("email = ?", email).First(&user)
err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
if err != nil {
log.Printf("ERROR:Login: %s", err.Error())
return User{}, err
}
return user, err
}
这段代码看起来没有明显的错误。可能的问题是在注册时密码没有正确加密,或者在登录时密码没有正确比较。你可以检查一下这两个函数的调用是否正确,并确保密码在传递过程中没有被修改。另外,你还可以尝试打印出密码的哈希值,以便进一步调试。
英文:
I encrypt user's password and save to db. Then to user login, compare hashed password and plain password, I'm getting crypto/bcrypt: hashedPassword is not the hash of the given password error. Whats wrong ?
func encryptPassword(password string) (string, error) {
bytePass := []byte(password)
hashedPassword, err := bcrypt.GenerateFromPassword(bytePass, bcrypt.DefaultCost)
if err != nil {
log.Printf("ERROR:EncryptPassword: %s", err.Error())
}
return string(hashedPassword), err
}
func (i *Impl) Register(user User) bool {
hashedPass, err := encryptPassword(user.Password)
if err != nil {
return false
}
user.Password = hashedPass
if err := i.DB.Create(&user).Error; err != nil {
log.Printf("ERROR:Register: %s", err.Error())
return false
}
return true
}
func (i *Impl) Login(email string, password string) (User, error) {
var user User
i.DB.Where("email = ?", email).First(&user)
err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
if err != nil {
log.Printf("ERROR:Login: %s", err.Error())
return User{}, err
}
return user, err
}
答案1
得分: 9
我打赌你的 user.Password 在你传递给 encryptPassword 函数之前是空的,这导致了对空密码进行哈希处理,就像你提供的那个 ($2a$10$rqHJJTHsxMbtX/5ZjG1mFuWyYbUDW1PLbfwQRN0uChwes38c/0m3e)。
英文:
My bet is that user.Password is empty in your Register function before you pass it to encryptPassword thus leading to hashes on empty passwords like the one you provided ($2a$10$rqHJJTHsxMbtX/5ZjG1mFuWyYbUDW1PLbfwQRN0uChwes38c/0m3e).
答案2
得分: 3
我无法区分哪个是哪个,但在你的比较函数中,请确保变量放置正确。
bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
必须是已经哈希过的密码 ^ ^ 要比较的明文密码
同时确保你确实有要哈希的内容,你可能得到一个空密码,但没有意识到,因为哈希后看起来仍然是完整的。
英文:
I cannot tell which is which, but in your compare function, ensure that you have the variables in the right place.
bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
Must be the already hashed PW ^ ^ Plain Text Password to compare
Also ensure you're actually getting something to hash, you could be getting a blank password but not realizing it because the hash will still look full.
答案3
得分: 1
我的错误是认为它比较了两个bcrypt哈希密码,而不是一个哈希密码和你的未加密密码转换为二进制的结果 - 希望这对某个人有所帮助!
英文:
My mistake was thinking that it compared two bcrypt hashedpasswords, rather than a hashedpassword and your unencrypted password converted to binary -- hope that helps someone out there!
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论