Open xinyuan-404 opened 1 year ago
the code as following:
tokenPlaintext := "J7H4KRUHODF42PI57KZQ43XDUM" hash, _ := bcrypt.GenerateFromPassword([]byte(tokenPlaintext), 12) query := `SELECT users.id, users.create_at, users.name, users.email, users.password_hash, users.activated, users.version FROM users INNER JOIN tokens ON users.id = tokens.user_id WHERE tokens.scope = $1 AND tokens.expiry > $2 AND tokens.hash = $3` args := []interface{}{tokenScope, t1, hash[:]} var user User ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second) defer cancel() err = db.QueryRowContext(ctx, query, args...).Scan( &user.ID, &user.CreateAt, &user.Name, &user.Account, &user.Password.hash, &user.Activated, &user.Version, ) fmt.Println(user)
{0 0001-01-01 00:00:00 +0000 UTC {<nil> []} false 0}
But if we read the value of tokens.hash, we can make the following judgment
err := bcrypt.CompareHashAndPassword(token.hash, []byte(tokenPlaintext))
Err equals nil
This makes me feel very confused It seems that I cannot to find the corresponding tokens for the byte type parameters I passed in Hash, but we read the hash from the database, encrypt and compare the plaintext, and the results are indeed equal
the code as following:
{0 0001-01-01 00:00:00 +0000 UTC {<nil> []} false 0}
But if we read the value of tokens.hash, we can make the following judgment
err := bcrypt.CompareHashAndPassword(token.hash, []byte(tokenPlaintext))
Err equals nil
This makes me feel very confused It seems that I cannot to find the corresponding tokens for the byte type parameters I passed in Hash, but we read the hash from the database, encrypt and compare the plaintext, and the results are indeed equal