Squashed commit of the following:

commit aeb44de3bc42f86324a6242b6b8037dd4cb8fbc3
Author: David Pollak <feeder.of.the.bears@gmail.com>
Date:   Tue Mar 5 11:48:56 2013 -0800

    Squashed commit of the following:

    commit 24ff1d946cb1f80630e747a7793ba3f574fe7202
    Author: David Pollak <feeder.of.the.bears@gmail.com>
    Date:   Tue Mar 5 11:47:24 2013 -0800

        Removed external bcrypt depedency because the code is already in Lift

commit 09980e8263723f978784666d467e8256118d2446
Author: David Pollak <feeder.of.the.bears@gmail.com>
Date:   Tue Mar 5 11:32:01 2013 -0800

    MappedPassword now uses bcrypt, but is backward compatible with existing passwords and schemas

persistence/mapper/src/main/scala/net/liftweb/mapper/MappedPassword.scala

@@ -32,6 +32,12 @@ import net.liftweb.http.js._
 
 object MappedPassword {
   val blankPw = "*******"
+
+  /**
+   * Set this in boot if you want Bcrypt salt strength to be
+   * something more than the default
+   */
+  var bcryptStrength: Box[Int] = None
 }
 
 abstract class MappedPassword[T<:Mapper[T]](val fieldOwner: T)
@@ -56,11 +62,15 @@ extends MappedField[String, T] {
   private var invalidMsg = ""
 
   protected def real_i_set_!(value : String) : String = {
-    password() = value match {
-      case "*" | null | MappedPassword.blankPw if (value.length < 3) => {invalidPw = true ; invalidMsg = S.?("password.must.be.set") ; "*"}
-      case MappedPassword.blankPw => {return "*"}
-      case _ if (value.length > 4) => {invalidPw = false; hash("{"+value+"} salt={"+salt_i.get+"}")}
-      case _ => {invalidPw = true ; invalidMsg = S.?("password.too.short"); "*"}
+    value match {
+      case "*" | null | MappedPassword.blankPw if (value.length < 3) =>
+       invalidPw = true ; invalidMsg = S.?("password.must.be.set") ; password.set("*")
+      case MappedPassword.blankPw => return "*"
+      case _ if (value.length > 4) => invalidPw = false;
+      val bcrypted = BCrypt.hashpw(value, MappedPassword.bcryptStrength.map(BCrypt.gensalt(_)) openOr BCrypt.gensalt())
+      password.set("b;"+bcrypted.substring(0,44))
+      salt_i.set(bcrypted.substring(44))
+      case _ => invalidPw = true ; invalidMsg = S.?("password.too.short"); password.set("*")
     }
     this.dirty_?( true)
     "*"
@@ -86,7 +96,15 @@ extends MappedField[String, T] {
 
   def asJsExp: JsExp = throw new NullPointerException("No way")
 
-  def match_?(toMatch : String) = {
+  /**
+   * Test to see if an incoming password matches
+   * @param toMatch the password to test
+   * @return the matched value
+   */
+  def match_?(toMatch : String): Boolean = {
+    if (password.get.startsWith("b;")) {
+      BCrypt.checkpw(toMatch, password.get.substring(2)+salt_i.get)
+    } else
     hash("{"+toMatch+"} salt={"+salt_i.get+"}") == password.get
   }
 
@@ -96,7 +114,8 @@ extends MappedField[String, T] {
     else List(FieldError(this, Text(S.?("password.must.be.set"))))
   }
 
-  def real_convertToJDBCFriendly(value: String): Object = hash("{"+value+"} salt={"+salt_i.get+"}")
+  def real_convertToJDBCFriendly(value: String): Object =
+    BCrypt.hashpw(value, MappedPassword.bcryptStrength.map(BCrypt.gensalt(_)) openOr BCrypt.gensalt())
 
   /**
    * Get the JDBC SQL Type for this field

project/Build.scala

@@ -92,8 +92,7 @@ object BuildDef extends Build {
         .settings(description := "Webkit Library",
                   parallelExecution in Test := false,
                   libraryDependencies <++= scalaVersion { sv =>
-                    Seq(commons_fileupload, servlet_api, specs2(sv).copy(configurations = Some("provided")), jetty6,
-                    rhino,
+                    Seq(commons_fileupload, rhino, servlet_api, specs2(sv).copy(configurations = Some("provided")), jetty6,
                       jwebunit)
                   },
                   initialize in Test <<= (sourceDirectory in Test) { src =>