Hashing Passwords in Golang Compatible with Node.js's Bcrypt
In Node.js, a bcrypt package is commonly used for hashing user passwords. When migrating to Golang, it's essential to maintain compatibility with the existing hashed passwords stored in the database.
Node.js Bcrypt Hashing Code
The provided Node.js code utilizes the bcrypt module to generate a hashed string. It utilizes two sequential functions: genSalt to create a salt and hash to generate the hash using the password and salt.
Golang Bcrypt Hashing Equivalent
The equivalent Golang implementation using the golang.org/x/crypto/bcrypt package would resemble:
hashedPassword, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost);
Working Example
To demonstrate compatibility, the following code example illustrates hashing a password in Golang and verifying it against the Node.js-generated hash:
package main import ( "fmt" "golang.org/x/crypto/bcrypt" ) func main() { // Generate a hash from a password. password := []byte("SecretPassword") hashedPassword, err := bcrypt.GenerateFromPassword(password, bcrypt.DefaultCost) if err != nil { panic(err) } fmt.Println("Generated Hash:", string(hashedPassword)) // Simulate Node.js-generated hash. nodejsHash := []byte("a$n8J51m8dYIm/3CmaFCizgO93Gkj/3RZIiI4S2G8NkyL2fKvsBpfHy") // Compare with the Golang-generated hash. err = bcrypt.CompareHashAndPassword(nodejsHash, password) if err != nil { fmt.Println("Passwords do not match.") } else { fmt.Println("Passwords match.") } }
Usage
To use this code, first ensure you have the necessary Golang package installed and imported as shown in the example. Then, simply pass your password to GenerateFromPassword to generate a hashed string. For password validation, use CompareHashAndPassword to compare the hashed password from the database to the provided password. If the returned error is nil, the passwords match, adhering to both Node.js and Golang standards.
The above is the detailed content of How Can I Ensure Compatibility Between Node.js's Bcrypt and Golang's Bcrypt for Password Hashing?. For more information, please follow other related articles on the PHP Chinese website!