https://github.com/outr/scalapass
Useful tools for managing storage and validation of passwords in Scala applications
https://github.com/outr/scalapass
Last synced: about 1 year ago
JSON representation
Useful tools for managing storage and validation of passwords in Scala applications
- Host: GitHub
- URL: https://github.com/outr/scalapass
- Owner: outr
- Created: 2018-11-21T16:34:55.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2024-05-05T00:58:07.000Z (about 2 years ago)
- Last Synced: 2024-05-05T01:37:04.626Z (about 2 years ago)
- Language: Scala
- Size: 1.1 MB
- Stars: 5
- Watchers: 3
- Forks: 0
- Open Issues: 7
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# scalapass
[](https://github.com/outr/scalapass/actions/workflows/ci.yml)
Straight-forward password hashing and verification using the latest algorithms. Currently, supports:
* Argon2(i, d, and id)
* PBKDF2
## SBT
```sbt
libraryDependencies += "com.outr" %% "scalapass" % "1.2.8"
```
## Creating a hash
```scala
import com.outr.scalapass.Argon2PasswordFactory
val factory = Argon2PasswordFactory()
// factory: Argon2PasswordFactory = Argon2PasswordFactory(
// iterations = 50,
// memory = 65536,
// parallelism = 8,
// argon2 = id,
// saltLength = 16,
// hashLength = 32
// )
val password: String = "your-password-in-clear-text"
// password: String = "your-password-in-clear-text"
val hashed: String = factory.hash(password)
// hashed: String = "$argon2id$v=19$m=65536,t=50,p=8$ERV4kw6eytqaCeZkb9+ocA$ECwWfIUIu7n/is0ryxNrbK4szxEgpkfV6eVAkWKF4AU"
```
Now store the one-way hashed password safely in your database.
## Verifying a hash
```scala
val attemptedPassword: String = "your-password-in-clear-text"
// attemptedPassword: String = "your-password-in-clear-text"
val hashedPassword: String = hashed // From the database
// hashedPassword: String = "$argon2id$v=19$m=65536,t=50,p=8$ERV4kw6eytqaCeZkb9+ocA$ECwWfIUIu7n/is0ryxNrbK4szxEgpkfV6eVAkWKF4AU" // From the database
val valid: Boolean = factory.verify(attemptedPassword, hashedPassword)
// valid: Boolean = true
```
Will return `true` if the `attemptedPassword` is the same as the one used to create the `hashedPassword`