I plan to migrate a system developed with PHP Laravel that hashed users password with bcrypt, so just wanted to know is there anyway to convert them somehow in order to make new NodeJS system (with bcrypt) to reuse the current password fields? or the only way forward is to ask user to reset passwords?
Add a comment
|
2 Answers
Are you asking if the hashed password data (stored on the server, for example) can be used in another bcrypt implementation in node, or something else?
Using modules in node should work with the existing password data (as someone already suggested), but remember to use the same exact salting method and options as the previous bcrypt implementation in PHP, obviously, so that bcrypt generates the same data as before. As long as all options and input into bcrypt are the same, the bcrypt implementation in node should produce the same results and be able to be used.
3 Comments
har2vey
So do I have to import the same key from the previous system in order to do so?
Netside
I didn't see this comment earlier, so sorry if you already answered it. I still think my answer stands, but here is probably a good question/answer to look at if you're still dealing with this (or for other people viewing this page now) --> stackoverflow.com/questions/26643587/…
Netside
Also, I just saw I didn't answer the question in your comment, but the answer is yes. This is a MUST. That's the whole point of keys, not to insult your intelligence or sound rude (there's just no way to decrypt data without it short of codebreaking/cryptoanalysis).
Using the bcrypt or bcryptjs modules in node with the existing passwords should work just fine.
1 Comment
har2vey
Got it working but with twin-bycrpt package instead of bycrypt, but thanks for the hint.