Play frame (vi) user authentication

User authentication uses several features of the play framework, including the forms and databases that have been previously known, and the encryption and session to be mentioned in this article, authentification. Depending on the complexity of the application or site, user authentication can also change. A basic implementation of user authentication is described here.

Encryption

For information security, user passwords need to be encrypted rather than saved as plaintext. The bcrypt algorithm can hash (hash) conversions on plaintext passwords. The password I keep in the database is the converted text.

Jbcrypt is an external package that provides BCRYPT functionality. To describe the source and version of this package in BUILD.SBT:

Name: = "Test"
       
version: = "1.0-snapshot"
       
librarydependencies ++= Seq (   
  javajdbc,   
  Javaebean,   
  cache ,   
  "MySQL"% "Mysql-connector-java"% "5.1.18",   
  "Org.mindrot"% "jbcrypt"% "0.3m"
) play   
       
. Project.playjavasettings

That is the new Jbcrypt line above. You can use it again after you run the play. For eclipse to automatically complement related calls to the package, you can use play Eclipse and reintroduce the project to eclipse.

I'll use a small example below to illustrate the hash transformation of the bcrypt. To add action in play:

public static result Bcrypt () {   
    String PasswordHash = BCRYPT.HASHPW ("Hello", Bcrypt.gensalt ());   
    Boolean correct = BCRYPT.CHECKPW ("Hello", PasswordHash);   
    Boolean wrong = BCRYPT.CHECKPW ("World", PasswordHash);   
    Return OK (PasswordHash + "" + Correct + "" + wrong);   
}

The above program needs to introduce Org.mindrot.jbcrypt.BCrypt. The "Hello" string is hashed in the action and verifies that "Hello" and "world" are original plaintext text.

Add corresponding Url,/bcrypt in routes

Get     /bcrypt                     controllers. Application.bcrypt ()

Access page: