New hash algorithm: Bcrypt

.env.example

@@ -29,14 +29,14 @@ DB_PREFIX = null
 # Hash Algorithm for Passwords
 #
 # Available values:
-# - PHP_PASSWORD_HASH
+# - BCRYPT, PHP_PASSWORD_HASH
 # - MD5, SALTED2MD5
 # - SHA256, SALTED2SHA256
 # - SHA512, SALTED2SHA512
 #
-# New sites are *highly* recommended to use PHP_PASSWORD_HASH.
+# New sites are *highly* recommended to use BCRYPT.
 #
-PWD_METHOD = PHP_PASSWORD_HASH
+PWD_METHOD = BCRYPT
 
 # Salt
 # Change it to any random string to secure your passwords & tokens.

.env.testing

@@ -14,7 +14,7 @@ DB_USERNAME = root
 DB_PASSWORD = null
 DB_PREFIX = null
 
-PWD_METHOD = PHP_PASSWORD_HASH
+PWD_METHOD = BCRYPT
 SALT  = c67709dd8b7b733aca0d570681fe96cf
 APP_KEY = base64:eVX/xzF5NhpGB2luswliFx9XSBsbbAP21wOi68X/P34=
 

app/Services/Cipher/BCRYPT.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace App\Services\Cipher;
+
+class BCRYPT extends BaseCipher
+{
+    public function hash($value, $salt = '')
+    {
+        return password_hash($value, PASSWORD_BCRYPT);
+    }
+
+    public function verify($password, $hash, $salt = '')
+    {
+        return password_verify($password, $hash);
+    }
+}

app/Services/Cipher/PHP_PASSWORD_HASH.php

@@ -4,9 +4,6 @@ namespace App\Services\Cipher;
 
 class PHP_PASSWORD_HASH extends BaseCipher
 {
-    /**
-     * Use password_hash() to create hash.
-     */
     public function hash($value, $salt = '')
     {
         return password_hash($value, PASSWORD_DEFAULT);