I'm having trouble figuring out how to do this.
Laravel uses the PHP crypt function. I'm not sure what the equivalent is in Ruby.
My passwords are hashed with a $2a hash as well, if that makes a difference.
This is Laravel's function
public static function check($value, $hash)
{
return crypt($value, $hash) === $hash;
}
I've tried Bcrypt::Password.new as well as String#crypt but I can't seem to get them to work.
Example password $2a$08$WJZWRyljoJGx.qunOGuGLeDaOn/Q3ShEvGxTkx3csWXqWUF21GhBe from the database and the real was 123456
Sorry about that. I just figured out how it worked after posting.
The solution was BCrypt::Password.new('$2a$08$WJZWRyljoJGx.qunOGuGLeDaOn/Q3ShEvGxTkx3csWXqWUF21GhBe') == '123456'
The PHP crypt method uses a non-standard notation for bcrypt-hashed entries. You need to correct this:
hash = '$2y$10$tKrgxXzN.naFD3r//yX9/O5uJmGRA9lzlcoPgK.F8REX.kx9xOesS'
BCrypt::Password.new(hash.sub(/\A\$2y/, '$2a')) == "Test1111!"
# => true
There was a bug in PHP's crypto library so 2y represents the fixed version.