Bcrypt password hashing algorithm for Elixir.
Bcrypt is a well-tested password-based key derivation function that can be configured to remain slow and resistant to brute-force attacks even as computational power increases.
This version is based on the OpenBSD version of Bcrypt and supports the $2b$ and $2a$ prefixes. For advice on how to use hashes with the $2y$ prefix, see this issue.
This library can be used on its own, or it can be used together with Comeonin, which provides a higher-level API.
Some developers have reported problems when running tests using async: true with version 1.0 of bcrypt_elixir. See this issue for more details.
- Add bcrypt_elixir to the deps section of your mix.exs file:

  If you are using Erlang 20:

      def deps do
        [
          {:bcrypt_elixir, "~> 1.0"}
        ]
      end

  If you are NOT using Erlang 20:

      def deps do
        [
          {:bcrypt_elixir, "~> 0.12"}
        ]
      end

- Make sure you have a C compiler installed. See the Comeonin wiki for details.
- Optional: during tests (and tests only), you may want to reduce the number of rounds so it does not slow down your test suite. If you have a config/test.exs, you should add:

      config :bcrypt_elixir, :log_rounds, 4

In most cases, you will just need to use the following three functions:
- hash_pwd_salt - hash a password with a randomly-generated salt
- verify_pass - check the password by comparing it with a stored hash
- no_user_verify - perform a dummy check to make user enumeration more difficult
See the documentation for the Bcrypt module for more information.
For a lower-level API, see the documentation for Bcrypt.Base.
For further information about password hashing and using Bcrypt with Comeonin, see the Comeonin wiki.
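The three functions listed above, combined into a login check, as an added example that is not part of the bcrypt_elixir documentation. The Accounts module, its in-memory user map and the sample credentials are assumptions made for illustration.

```elixir
# Added example; Accounts and the in-memory user map are hypothetical.
defmodule Accounts do
  @doc "Stores a new user, keeping only the Bcrypt hash and never the password."
  def register(users, username, password) do
    # hash_pwd_salt generates a random salt and embeds it in the returned hash.
    user = %{username: username, password_hash: Bcrypt.hash_pwd_salt(password)}
    Map.put(users, username, user)
  end

  @doc """
  Checks a login attempt. An unknown username and a wrong password return
  the same error, and both paths perform one Bcrypt computation.
  """
  def authenticate(users, username, password) do
    case Map.fetch(users, username) do
      {:ok, %{password_hash: hash} = user} ->
        if Bcrypt.verify_pass(password, hash) do
          {:ok, user}
        else
          {:error, :invalid_credentials}
        end

      :error ->
        # Dummy check so the response time does not reveal that the
        # username is missing; its return value is always false.
        Bcrypt.no_user_verify()
        {:error, :invalid_credentials}
    end
  end
end

# Constructed sample data; each match raises if the result differs.
users = Accounts.register(%{}, "alice", "correct horse battery staple")
{:ok, _user} = Accounts.authenticate(users, "alice", "correct horse battery staple")
{:error, :invalid_credentials} = Accounts.authenticate(users, "alice", "wrong password")
{:error, :invalid_credentials} = Accounts.authenticate(users, "mallory", "anything")
```

Returning a distinct error for a missing user, or skipping the dummy check, would let a caller tell registered usernames from unregistered ones by message or by timing.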
In order to use bcrypt_elixir in Docker, you will probably need to manually compile it in your Dockerfile. In order to do it on the Alpine image, you're going to need make, gcc and libc-dev. Add the following lines to your Dockerfile, right after RUN mix deps.get:

    RUN apk add --no-cache make gcc libc-dev

Remember to add your local _build and deps folders to .dockerignore, because otherwise, you'll see errors coming up.
See the Comeonin deployment guide.
BSD. For full details, please read the LICENSE file.