loading...

re: How to Securely Store a Password in Java VIEW POST

FULL DISCUSSION
 

I am try to check the Hashpasword with .equals() method but it is showing stored password and user entered password as false even though both are same please suggest me a code fix. HashedPassword is saving is working fine while registering.

//Java
public boolean userAuthentication(Userdetails userdetails)
{
Optional salt = passwordUtils.generateSalt(CableTVConstants.SALT_LENGTH);
Optional userinfo = userDetailService.findById(userdetails.getUsername());
if(userinfo.isPresent())
{
return passwordUtils.verifypassword(userdetails.getPassword(),userinfo.get().getPassword(),salt.get());
}
logger.log(Level.ALL,"Invalid user credentials");
return false;
}
public boolean verifypassword(String password, String key, String salt)
{
Optional password_check = generateHashPassword(password,salt);
if(!password_check.isPresent())
{
return false;
}
return password_check.get().equals(key);
}

Code of Conduct Report abuse