abdullah/til
1
0
Fork 0
mirror of https://github.com/jbranchaud/til synced 2026-01-04 23:58:01 +00:00
Code Issues Projects Releases Wiki Activity

Add Salt And Hash A Password With pgcrypto as a postgres til

Browse Source
This commit is contained in:
jbranchaud
2016-03-04 15:28:51 -06:00
parent 2d99ace53b
commit c3ead0fbcf
2 changed files with 46 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -7,7 +7,7 @@ variety of languages and technologies. These are things that don't really
warrant a full blog post. These are mostly things I learn by pairing with warrant a full blog post. These are mostly things I learn by pairing with
smart people at [Hashrocket](http://hashrocket.com/). smart people at [Hashrocket](http://hashrocket.com/).
_354 TILs and counting..._ _355 TILs and counting..._
--- ---
@@ -184,6 +184,7 @@ _354 TILs and counting..._
- [Pretty Print Data Sizes](postgres/pretty-print-data-sizes.md) - [Pretty Print Data Sizes](postgres/pretty-print-data-sizes.md)
- [Restart A Sequence](postgres/restart-a-sequence.md) - [Restart A Sequence](postgres/restart-a-sequence.md)
- [Restarting Sequences When Truncating Tables](postgres/restarting-sequences-when-truncating-tables.md) - [Restarting Sequences When Truncating Tables](postgres/restarting-sequences-when-truncating-tables.md)
- [Salt And Hash A Password With pgcrypto](postgres/salt-and-hash-a-password-with-pgcrypto.md)
- [Send A Command To psql](postgres/send-a-command-to-psql.md) - [Send A Command To psql](postgres/send-a-command-to-psql.md)
- [Set Inclusion With hstore](postgres/set-inclusion-with-hstore.md) - [Set Inclusion With hstore](postgres/set-inclusion-with-hstore.md)
- [Set A Seed For The Random Number Generator](postgres/set-a-seed-for-the-random-number-generator.md) - [Set A Seed For The Random Number Generator](postgres/set-a-seed-for-the-random-number-generator.md)

44
postgres/salt-and-hash-a-password-with-pgcrypto.md Normal file
View File

@@ -0,0 +1,44 @@
# Salt And Hash A Password With pgcrypto
The
[`pgcrypto`](http://www.postgresql.org/docs/current/static/pgcrypto.html)
extension that ships with PostgreSQL can be used to do a number of
interesting things. This includes functions for doing salted password
hashing. Using the `crypt` and `gen_salt` functions, we can securely store a
user password and later compare it to plain-text passwords for
authentication purposes.
```sql
create extensions pgcrypto;
select crypt('pa$$w0rd', gen_salt('bf'));
crypt
--------------------------------------------------------------
$2a$06$Z7wmrkYMOyLboLcULUYzNe6nHUcWywSZTt6nSrT5Xdv/VLdJ4g99K
> select (
'$2a$06$Z7wmrkYMOyLboLcULUYzNe6nHUcWywSZTt6nSrT5Xdv/VLdJ4g99K' =
crypt(
'pa$$w0rd',
'$2a$06$Z7wmrkYMOyLboLcULUYzNe6nHUcWywSZTt6nSrT5Xdv/VLdJ4g99K'
)
) as matched;
matched
---------
t
> select (
'$2a$06$Z7wmrkYMOyLboLcULUYzNe6nHUcWywSZTt6nSrT5Xdv/VLdJ4g99K' =
crypt(
'password',
'$2a$06$Z7wmrkYMOyLboLcULUYzNe6nHUcWywSZTt6nSrT5Xdv/VLdJ4g99K'
)
) as matched;
matched
---------
f
```
See the
[`pgcrypt` documentation](http://www.postgresql.org/docs/current/static/pgcrypto.html) for
more details.