Followed this tutorial (https://wappler.io/docs/#Create-Log-In-Page) to learn how to create a login form.
When testing to login, result is always the success redirect.
No matter what passord or email I enter I am always redirected to the success url, never an error alert.
Even if the user exists or not.
(localhost)
Got half way. The “Security Login” step wasn’t saved … So now I get alerts …
But I use an exisiting database and the password field is encrypted with “bcrypt”.
(old laravel installation)
Is there a way to decrypt the password …?
Thank you very much for directing me to that tutorial. Very helpful for future projects.
My problem now is that this is an existing db with alreade encrypted passwords. Encrypted with “bcrypt”. I have no idea which “salt” to use.
Some googling might help
Bcrypt doesn’t use a salt in the way you might be thinking about it. It exploits the full 128-bit salt space. So instead of using a constant salt, it generates a new one and a new hash every time. Due to this it is impossible to decrypt a bcrypt password.
What you need to be concerned with is the work factor that was used.
In a hashed password, it will look like this: