密码使用org.springframework.security.crypto.bcrypt.BCryptPasswordEncoderdecrypt存储在mongoDB中。 由于此API以加密格式将密码存储在DB中,因此即使我存储相同的密码,它也会以不同的方式加密并存储在DB中。现在我的问题是如何比较输入的密码是否已经存储在数据库中。我如何实现我的目标,请您解释一下?
答案 0 :(得分:0)
I found that I cannot exactly match the password but here is workaround
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String enteredNewPassword = // Password entered by user
String dbPassword = // Load hashed DB password
if (passwordEncoder.matches(enteredNewPassword, dbPassword)) {
//Password is Already exists in db need to store new password
} else {
// new Password
}