Home/ Questions/Q 7501345
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T20:29:50+00:00

I have a user auth table with a few thousand records containing a password

  • 0

I have a user auth table with a few thousand records containing a password field encrypted by bcrypt-ruby. I’ve ported the app in to PHP / Yii and need to use this field for authentication.

Is there a way to retrieve this Ruby-created field in PHP?

Verification

By “retrieve” I mean that I need to authenticate user logins using a PHP / Yii app to interpret a DB table with a password field created by bcrypt-ruby in a Rails app.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I believe this would solve your problem:

    $database_record = "something";   // grab from database
$user_input = 'unicorns';         // take real one from post data
$password = crypt($user_input, '$2a$10$usesomesillystringforsalt$');
// key piece above is the second number, that is the 'work' factor

if (crypt($user_input, $database_record) == $password) {
   echo "Password verified!";
}
else {
    echo 'failed!'; }

    This assumes you stored them using BCrypt::Password.create(desired_pass) in Ruby, and were verifying login by BCrypt::Password.new(database_entry) == form_input.

    Additionally, to create a new password in your database (i.e. a new user), store the result of

    $password = crypt($user_input, '$2a$10$usesomesillystringforsalt$');

    Lastly, make sure that you are always using the correct cost factor. The same password with different cost factors will not be equivalent. The default cost factor in bcrypt-ruby is 10 (current version, 3.0.1).

    • 0