First applies the passed in hasher
function to the received secret part of the Credentials
and then safely compares the passed in secret
with the hashed received secret.
First applies the passed in hasher
function to the received secret part of the Credentials
and then safely compares the passed in secret
with the hashed received secret.
This method can be used if the secret is not stored in plain text.
Use of this method instead of manual String equality testing is recommended in order to guard against timing attacks.
See also EnhancedString#secure_==, for more information.
Safely compares the passed in secret
with the received secret part of the Credentials.
Safely compares the passed in secret
with the received secret part of the Credentials.
Use of this method instead of manual String equality testing is recommended in order to guard against timing attacks.
See also EnhancedString#secure_==, for more information.