Scala Bcrypt
Scala Bcrypt is a scala friendly wrapper of jBCRYPT
Examples
Safe APIs
The safe APIs will result in scala.util.Failure
s and scala.util.Success
s when executing operations to explicitly
indicate the possibility that certain bcrypt operations can fail due to providing incorrect salt versions or number of
rounds (eg. > 30 rounds).
Encrypt password
scala> import com.github.t3hnar.bcrypt._
import com.github.t3hnar.bcrypt._
scala> "password".bcryptSafeBounded
res1: Try[String] = Success($2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG)
Validate password
scala> "password".isBcryptedSafeBounded("$2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG")
res2: Try[Boolean] = Success(true)
Composition
Since Try
is monadic, you can use a for-comprehension to compose operations that return Success
or Failure
with
fail-fast semantics. You can also use the desugared notation (flatMap
s and map
s) if you prefer.
scala> val bcryptAndVerify = for {
bcrypted <- "hello".bcryptBounded(12)
result <- "hello".isBcryptedSafeBounded(bcrypted)
} yield result
res: Try[Boolean] = Success(true)
Advanced usage
By default, the salt
generated internally, and developer does not need to generate and store salt.
But if you decide that you need to manage salt, you can use bcrypt
in the following way:
scala> val salt = generateSalt
salt: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwO
scala> "password".bcryptBounded(salt)
res3: Try[String] = Success($2a$10$8K1p/a0dL1LXMIgoEDFrwOfMQbLgtnOoKsWc.6U6H0llP3puzeeEu)
Unsafe APIs
The Unsafe APIs will result in Exceptions being thrown when executing operations as certain bcrypt operations can fail due to providing incorrect salt versions or number of rounds (eg. > 30 rounds or password longer than 71 bytes). These Unsafe APIs are present for backwards compatibility reasons and should be avoided if possible.
Encrypt password
scala> import com.github.t3hnar.bcrypt._
import com.github.t3hnar.bcrypt._
scala> "password".bcryptBounded
res1: String = $2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG
Validate password
scala> "password".isBcryptedBounded("$2a$10$iXIfki6AefgcUsPqR.niQ.FvIK8vdcfup09YmUxmzS/sQeuI3QOFG")
res2: Boolean = true
Advanced usage
scala> val salt = generateSalt
salt: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwO
scala> "password".bcryptBounded(salt)
res3: String = $2a$10$8K1p/a0dL1LXMIgoEDFrwOfMQbLgtnOoKsWc.6U6H0llP3puzeeEu
Setup
SBT
libraryDependencies += "com.github.t3hnar" %% "scala-bcrypt" % "4.3.1"
Maven
<dependency>
<groupId>com.github.t3hnar</groupId>
<artifactId>scala-bcrypt_2.13</artifactId>
<version>4.3.1</version>
</dependency>