Version: v0.6.1 - Beta.  We welcome contributors & feedback.  THanks!




Returns true if the password is identical to correctPasswordHash.

SecurityThis uses PHP's password_verify function to protect against timing attacks. Never compare passwords with ==. Use this method instead.

// Get correct password from database
$query = sql'''
    select password from user where userId = {}
$user = Db.getRow($query);
$correctPassword = $user.password;

// Check if password attempt is correct
$tryPassword ='password');
if $tryPassword.match($correctPassword) {
    // log in...

See Also