Using Argon2 Secure Hashes

Intro

Using the Argon2 hashing algorithm requires a slightly different workflow for creating users and validating them with Security Provider. In this tutorial we will show you what's different, how to create users in your database and how to validate them on login.

You already know how to create a login system, so we won't show the whole workflow again, as it's the same. If you don't know how to do this, please check: Security and Login

Hashing Users' Passwords

Before we insert the users' login details in the database, we need to hash their passwords. We created a server action which will insert this data in the database. Right-click Execute:

Add a new step. Select Cryptographic > Password Hash:

Then click the dynamic data picker for the Password:

This is the password input, under the $_POST variables, which we receive from the form on the registration page. Click Select:

Then select the hashing algorithm. We select Argon2id:

And you are done. Now you have the password hashed and we can insert it in the database.

Storing Users' Login Data in the Database

When creating the users in your database, you need to store their hashed passwords there. For storing the hashed passwords in your database, we recommend using a varchar(255) database field.

Right-click the Password Hash step:

And add a new action:

Under Database Actions select Database Insert:

And click the Insert Options button:

Select the database table where you want to store your users' login details:

And click the dynamic data picker for the password field value:

Here, we need to select the Password Hash step, as it returns the hashed password which we need to store in the database:

Click OK:

And you are done. The password passed by the password input will be stored in the database hashed with the Argon2id algorithm.

Validate Users with Security Provider

Once you have your users' passwords hashed and stored in the database, set up your Security Provider as usual under Globals > Security Providers:

Select the users table, identity, username and password fields. Click OK:

The difference with Argon2 hashing is that you need to enable the Use Password Hash Verify option:

Then open your login server action:

Add a new action:

And add your login step as usual:

Select your username and password inputs here. Note: you should not apply any formatting to the password input value:

And you are done. These are the steps specific to creating users and verifying them on login with the Argon2 hashing algorithm.
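
The hash-on-registration and verify-on-login flow described above, sketched in plain PHP as an added example (not the tool's own code, and not a statement of how its steps are implemented). It shows why an Argon2id login needs a verify step instead of an equality comparison, and why the password input must reach that step unformatted. Assumptions: PHP 7.3+ built with Argon2 support, the built-in `password_hash()`/`password_verify()` functions stand in for the Password Hash step and the verify option, and the `$users` array and the `registerUser()`/`login()` names are hypothetical stand-ins for the users table and the server actions.

```php
<?php
// Added example: hypothetical names, constructed sample data.
declare(strict_types=1);

// Constructed stand-in for the users table (password column: varchar(255)).
$users = [];

function registerUser(array &$users, string $username, string $password): void
{
    // A random salt and the cost parameters are generated here and embedded
    // in the returned string, so the column stores everything verify needs.
    $users[$username] = password_hash($password, PASSWORD_ARGON2ID);
}

function login(array $users, string $username, string $password): bool
{
    if (!isset($users[$username])) {
        return false;
    }
    // Re-derives the hash from the submitted password using the salt and
    // parameters read out of the stored string, then compares in constant time.
    return password_verify($password, $users[$username]);
}

$password = 'correct horse battery staple'; // constructed sample input
registerUser($users, 'alice', $password);
$stored = $users['alice'];

// The stored value is self-describing: $argon2id$v=...$m=...,t=...,p=...$salt$hash
echo $stored, PHP_EOL;
echo 'fits varchar(255): ', var_export(strlen($stored) <= 255, true), PHP_EOL;
echo 'algorithm: ', password_get_info($stored)['algoName'], PHP_EOL;

// Hashing the same password again uses a new salt, so the two strings differ.
// A login that hashes the input and compares it to the column can never match.
$rehash = password_hash($password, PASSWORD_ARGON2ID);
echo 'rehash equals stored: ', var_export(hash_equals($stored, $rehash), true), PHP_EOL;

// Verification succeeds only for the exact bytes that were hashed.
echo 'raw input: ', var_export(login($users, 'alice', $password), true), PHP_EOL;
// Any formatting applied to the input (here: upper-casing) changes those bytes.
echo 'formatted input: ', var_export(login($users, 'alice', strtoupper($password)), true), PHP_EOL;
```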