passwords: with cl-bcrypt

vindarel · vindarel · commit db1063291634 · 2025-01-15T18:49:20.000+01:00
diff --git a/content/building-blocks/users-and-passwords.md b/content/building-blocks/users-and-passwords.md
@@ -55,19 +55,28 @@ Did it work? Run `SELECT * FROM users;`.
 
 ## Encrypting passwords
 
-### With cl-pass
+### With cl-bcrypt
 
-[cl-pass](https://github.com/eudoxia0/cl-pass) is a password hashing and verification library. It is as simple to use as this:
+[cl-bcrypt](https://github.com/dnaeon/cl-bcrypt) is a password hashing and verification library. It is as simple to use as this:
 
 ```lisp
-(cl-pass:hash "test")
-;; "PBKDF2$sha256:20000$5cf6ee792cdf05e1ba2b6325c41a5f10$19c7f2ccb3880716bf7cdf999b3ed99e07c7a8140bab37af2afdc28d8806e854"
-(cl-pass:check-password "test" *)
-;; t
-(cl-pass:check-password "nope" **)
-;; nil
+CL-USER> (defparameter *password*
+           (bcrypt:make-password "my-secret-password"))
+*PASSWORD*
 ```
 
+and you can specify another salt, another cost factor and another algorithm identifier.
+
+Then you can use `bcrypt:encode` to get a string reprentation of the password:
+
+~~~lisp
+CL-USER> (bcrypt:encode *password*)
+"$2a$16$ClVzMvzfNyhFA94iLDdToOVeApbDppFru3JXNUyi1y1x6MkO0KzZa"
+~~~
+
+and you decode a password with `decode`.
+
+
 ### Manually (with Ironclad)
 
 In this recipe we do the encryption and verification ourselves. We use the de-facto standard
diff --git a/content/isomorphic web frameworks/weblocks.md b/content/isomorphic web frameworks/weblocks.md
@@ -13,7 +13,6 @@ The Reblocks's demo we will build is a TODO app:
 
 ![](https://40ants.com/reblocks/images/docs/images/quickstart-check-task.gif)
 
----
 
 {{% notice note %}}
 

Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,6 @@ The Reblocks's demo we will build is a TODO app:`
`13`	`13`
`14`	`14`	`![](https://40ants.com/reblocks/images/docs/images/quickstart-check-task.gif)`
`15`	`15`
`16`		`----`
`17`	`16`
`18`	`17`	`{{% notice note %}}`
`19`	`18`