Bcrypt Laravel Hash/Verify

This is a NodeJS extension to allow Wappler to verify against Laravel bcrypt hashes. This is only useful if you’re porting a PHP or Laravel web application into Wappler, and want to keep using the same hashes for compatibility purposes.

Usage screenshots:



The Database Single Query is just:

SELECT password FROM users WHERE email = {{ email }}

bcrypt-laravel.hjson:

[{
    type: 'bcrypt-laravel_hash',
    module: 'bcrypt-laravel',
    action: 'hash',
    groupTitle: 'Password',
    groupIcon: 'fal fa-lg fal fa-key comp-security',
    title: 'Bcrypt Laravel Hash',
    icon: 'fal fa-lg fa-key comp-security',
    dataPickObject: true,
    globalVars: {
      '$_POST': [{
        name: 'password',
        type: 'text'
      }]
    },
    properties: [{
      group: 'Bcrypt Laravel Properties',
      variables: [{
          name: 'name',
          optionName: 'name',
          title: 'Name',
          type: 'text',
          required: true,
          defaultValue: '',
          help: 'This will be the name for the output key and the tag used in the expression builder'
        }, {
          name: 'password',
          optionName: 'password',
          title: 'Password',
          type: 'text',
          required: true,
          defaultValue: '',
          serverDataBindings: true,
          help: 'The password you want to hash'
        },
        {
          name: 'output',
          optionName: 'output',
          title: 'Output',
          type: 'boolean',
          defaultValue: false
        }
      ]
    }]
  },
  {
    type: 'bcrypt-laravel_verify',
    module: 'bcrypt-laravel',
    action: 'verify',
    groupTitle: 'Password',
    groupIcon: 'fal fa-lg fal fa-key comp-security',
    title: 'Bcrypt Laravel Verify',
    icon: 'fal fa-lg fa-key comp-security',
    dataPickObject: true,
    properties: [{
      group: 'Password Verify Options',
      variables: [{
          name: 'name',
          optionName: 'name',
          title: 'Name',
          type: 'text',
          required: true,
          defaultValue: '',
          help: 'This will be the name for the output key and the tag used in the expression builder'
        },
        {
          name: 'password',
          optionName: 'password',
          title: 'Password',
          type: 'text',
          required: true,
          defaultValue: '',
          serverDataBindings: true,
          help: 'The password you want to verify'
        },
        {
          name: 'hash',
          optionName: 'hash',
          title: 'hash',
          type: 'text',
          required: true,
          defaultValue: '',
          serverDataBindings: true,
          help: 'The hash you want to verify the password against'
        },
        {
          name: 'output',
          optionName: 'output',
          title: 'Output',
          type: 'boolean',
          defaultValue: false
        }
      ]
    }]
  },
]

bcrypt-laravel.json:

const bcrypt = require('bcrypt');
const saltRounds = 10;

exports.verify = async function (options) {
    // Accepts plaintext password and hash
    // Returns true if password is correct
    let hash = String(this.parse(options.hash));
    hash = hash.replace(/^\$2y(.+)$/i, '$2a$1'); // Laravel to NodeJS bcrypt
    return await bcrypt.compare(String(this.parse(options.password)), hash);
};

exports.hash = async function (options) {
    // Accepts plaintext password
    // Returns the hashed password
    let password = String(this.parse(options.password))
    let hashed = await bcrypt.hash(password, saltRounds);
    hashed = hashed.replace('$2a$', '$2y$');
    hashed = hashed.replace('$2b$', '$2y$');
    return hashed;
};

Most code was based on JonL’s Argon2 extension. Hope this helps someone!

Edit: I think you need to npm install bcrypt as well - it’s not automatic

2 Likes