在Spring Security中解码Bcrypt编码的密码以停用用户帐户 [英] Decode the Bcrypt encoded password in spring security to Deactivate User account

问题描述

我正在Spring Hibernate MVC中从事Web应用程序项目.
我正在使用Spring安全性中的Bcrypt算法将编码后的密码存储在数据库中.
现在，我想获取编码后的密码，以对其进行解码以停用使用帐户"，在该帐户中，我要提供用户电子邮件和密码以在用户停用该帐户之前进行验证.
我在获取解码后的密码时遇到问题.
谁能帮助我摆脱困境或提供其他替代解决方案?

I am working on web application project in Spring Hibernate MVC.
I am storing encoded password in the database using Bcrypt algorithm in Spring security.
Now I want to get that encoded password to be decoded to deactivate Use account where in I am giving user email and password to verify before user deactivate the account.
I have problem in getting decoded password.
Can anyone help me to get out of it or any alternate solution for my requirement?

推荐答案

使用以下代码可解决问题:

The problem is solved by using below code:

BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();  
encoder.matches(password, user.getPassword());  

password-来自表格(JSP)
user.getPassword()-来自数据库

password - from form(JSP)
user.getPassword() - from database

BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
if(email.equalsIgnoreCase(user.getEmail()) && encoder.matches(password, user.getPassword())) {
    userService.deactivateUserByID(user.getId());
    redirectAttributes.addFlashAttribute("successmsg", "Your account has been deactivated successfully.");
    model.setViewName("redirect:/logout");
}else{
    redirectAttributes.addFlashAttribute("errormsg", "Email or Password is incorrect");
    model.setViewName("redirect:/app/profile/deactivate");
}

这篇关于在Spring Security中解码Bcrypt编码的密码以停用用户帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！