BA
Better Auth5mo ago
WiFi Plug

migrating from supabase auth how are passwords handled?

Hi, I'm using supabase auth currently and I'm wondering how the passwords are handled when migrating as supabase uses bcrypt to hash passwords but I believe better-auth uses scrypt? So how does that work? Do I need to support both bcrypt + scrypt such that when users login I'll need to check both bcrypt and scrypt and overtime only support scrypt once all (or most) users have signed in again?
4 Replies
EJScheepers
EJScheepers2mo ago
Did you manage to get this working?
WiFi Plug
WiFi PlugOP2mo ago
I didn’t migrate yet, but it’s doable you just need to modify the login password verification function to check if it’s encrypted with bcrypt or not. If it is and they login then rehash it to scrypt to store in the database.
EJScheepers
EJScheepers2mo ago
Okay i'll give it a go.
EJScheepers
EJScheepers2mo ago
Found a better way: https://www.better-auth.com/docs/authentication/email-password#configuration 
  password: {
      hash: async (password: string) => {
        return await bcrypt.hash(password, 10);
      },
      verify: async (
        { password, hash }: { password: string; hash: string },
      ) => {
        return await bcrypt.compare(password, hash);
      },
    },
  password: {
      hash: async (password: string) => {
        return await bcrypt.hash(password, 10);
      },
      verify: async (
        { password, hash }: { password: string; hash: string },
      ) => {
        return await bcrypt.compare(password, hash);
      },
    },
This way you can continue using bcrypt
Email & Password | Better Auth
Implementing email and password authentication with Better Auth.

Did you find this page helpful?