Check a password against a pbkdf2 hashed string. Useful to import password hashes from django application to rails/devise
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
lib
spec
.gitignore
.rspec
Gemfile
LICENSE.txt
README.md
Rakefile
pbkdf2_password_hasher.gemspec

README.md

pbkdf2-password-hasher

Compute a pbkdf2 hash of a string, and/or check a password against a pbkdf2 hashed string.

This was originally built to import password hashes from django application to rails/devise application

Installation

In your Gemfile :

gem pbkdf2_password_hasher, git: 'aherve/pbkdf2-password-hasher'

or install it with:

gem install pbkdf2_password_hasher

Usage

  • Hash a password with salt:
salt = 'NaCl'    # random salt key
pass = 's3cr3t'  # your password
it   = 1000      # number of iterations

hash = Pbkdf2PasswordHasher.hash_password(pass,salt,it) #=> "pbkdf2_sha256$1000$NaCl$uDAu+fkRHoZk03PKp0bzrXDWc4j4mhkzGBm7ljbvp58="
  • Check password validity against string
# hashed string from django app
hsh ='pbkdf2_sha256$12000$PEnXGf9dviXF$2soDhu1WB8NSbFDm0w6NEe6OvslVXtiyf4VMiiy9rH0='

# with right password:
Pbkdf2PasswordHasher.check_password('bite',hsh) #=> true

#with wrong password:
Pbkdf2PasswordHasher.check_password('bitten',hsh) #=> false