t3hnar / scala-bcrypt

Scala wrapper for jBcrypt + pom.xml inside

Version Matrix

Scala Bcrypt Build Status Coverage Status Codacy Badge Version

Scala Bcrypt is a scala friendly wrapper of jBCRYPT

Examples

Safe APIs

The safe APIs will result in scala.util.Failures and scala.util.Successs when executing operations to explicitly indicate the possibility that certain bcrypt operations can fail due to providing incorrect salt versions or number of rounds (eg. > 30 rounds).

Encrypt password

    scala>  import com.github.t3hnar.bcrypt._
    import com.github.t3hnar.bcrypt._

    scala>  "password".bcryptSafeBounded
    res1: Try[String] = Success($2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG)

Validate password

    scala>  "password".isBcryptedSafeBounded("$2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG")
    res2: Try[Boolean] = Success(true)

Composition

Since Try is monadic, you can use a for-comprehension to compose operations that return Success or Failure with fail-fast semantics. You can also use the desugared notation (flatMaps and maps) if you prefer.

    scala>  val bcryptAndVerify = for {
      bcrypted <- "hello".bcryptBounded(12)
      result <- "hello".isBcryptedSafeBounded(bcrypted)
    } yield result
    res: Try[Boolean] = Success(true)

Advanced usage

By default, the salt generated internally, and developer does not need to generate and store salt. But if you decide that you need to manage salt, you can use bcrypt in the following way:

    scala>  val salt = generateSalt
    salt: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwO

    scala>  "password".bcryptBounded(salt)
    res3: Try[String] = Success($2a$10$8K1p/a0dL1LXMIgoEDFrwOfMQbLgtnOoKsWc.6U6H0llP3puzeeEu)

Unsafe APIs

The Unsafe APIs will result in Exceptions being thrown when executing operations as certain bcrypt operations can fail due to providing incorrect salt versions or number of rounds (eg. > 30 rounds or password longer than 71 bytes). These Unsafe APIs are present for backwards compatibility reasons and should be avoided if possible.

Encrypt password

    scala>  import com.github.t3hnar.bcrypt._
    import com.github.t3hnar.bcrypt._

    scala>  "password".bcryptBounded
    res1: String = $2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG

Validate password

    scala>  "password".isBcryptedBounded("$2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG")
    res2: Boolean = true

Advanced usage

    scala>  val salt = generateSalt
    salt: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwO

    scala>  "password".bcryptBounded(salt)
    res3: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwOfMQbLgtnOoKsWc.6U6H0llP3puzeeEu

Setup

SBT

libraryDependencies += "com.github.t3hnar" %% "scala-bcrypt" % "4.1"

Maven

<dependency>
    <groupId>com.github.t3hnar</groupId>
    <artifactId>scala-bcrypt_2.13</artifactId>
    <version>4.1</version>
</dependency>