support hashing passwords with password_hash()
parent
c018e132c8
commit
7d9535007e
@ -30,9 +30,10 @@ DB_PREFIX = null
|
||||
|
||||
# Encrypt Method for Passwords.
|
||||
#
|
||||
# Available values: MD5, SALTED2MD5, (SALTED2)SHA256, (SALTED2)SHA512
|
||||
# Available values: PHP_PASSWORD_HASH, (SALTED2)MD5, (SALTED2)SHA256, (SALTED2)SHA512
|
||||
# New sites are highly recommend to use PHP_PASSWORD_HASH.
|
||||
#
|
||||
PWD_METHOD = SALTED2MD5
|
||||
PWD_METHOD = PHP_PASSWORD_HASH
|
||||
|
||||
# Salt
|
||||
# Change it to any random string to secure your passwords & tokens.
|
||||
|
@ -49,7 +49,7 @@ class AuthController extends Controller
|
||||
if (!$user) {
|
||||
return json(trans('auth.validation.user'), 2);
|
||||
} else {
|
||||
if ($user->checkPasswd($request->input('password'))) {
|
||||
if ($user->verifyPassword($request->input('password'))) {
|
||||
Session::forget('login_fails');
|
||||
|
||||
Session::put('uid' , $user->uid);
|
||||
|
@ -79,7 +79,7 @@ class UserController extends Controller
|
||||
'new_password' => 'required|min:8|max:16'
|
||||
]);
|
||||
|
||||
if (!$this->user->checkPasswd($request->input('current_password')))
|
||||
if (!$this->user->verifyPassword($request->input('current_password')))
|
||||
return json(trans('user.profile.password.wrong-password'), 1);
|
||||
|
||||
if ($this->user->changePasswd($request->input('new_password')))
|
||||
@ -93,7 +93,7 @@ class UserController extends Controller
|
||||
'password' => 'required|min:8|max:16'
|
||||
]);
|
||||
|
||||
if (!$this->user->checkPasswd($request->input('password')))
|
||||
if (!$this->user->verifyPassword($request->input('password')))
|
||||
return json(trans('user.profile.email.wrong-password'), 1);
|
||||
|
||||
if ($this->user->setEmail($request->input('new_email')))
|
||||
@ -106,7 +106,7 @@ class UserController extends Controller
|
||||
'password' => 'required|min:8|max:16'
|
||||
]);
|
||||
|
||||
if (!$this->user->checkPasswd($request->input('password')))
|
||||
if (!$this->user->verifyPassword($request->input('password')))
|
||||
return json(trans('user.profile.delete.wrong-password'), 1);
|
||||
|
||||
if ($this->user->delete()) {
|
||||
|
@ -69,26 +69,28 @@ class User extends Model
|
||||
* @param string $rawPasswd
|
||||
* @return bool
|
||||
*/
|
||||
public function checkPasswd($rawPasswd)
|
||||
public function verifyPassword($rawPasswd)
|
||||
{
|
||||
return (static::encryptPassword($rawPasswd, $this) == $this->password);
|
||||
// compare directly if any responses is returned by event dispatcher
|
||||
if ($result = static::getEncryptedPwdFromEvent($rawPasswd, $this)) {
|
||||
return ($result == $this->password);
|
||||
}
|
||||
|
||||
return app('cipher')->verify($rawPasswd, $this->password, config('secure.salt'));
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypt user's password.
|
||||
* Try to get encrypted password from event dispatcher.
|
||||
*
|
||||
* @param string $rawPasswd
|
||||
* @param User $user
|
||||
* @return mixed
|
||||
*/
|
||||
protected static function encryptPassword($rawPasswd, User $user)
|
||||
protected static function getEncryptedPwdFromEvent($rawPasswd, User $user)
|
||||
{
|
||||
$responses = event(new EncryptUserPassword($rawPasswd, $user));
|
||||
|
||||
return Arr::get($responses, 0,
|
||||
// encrypt with current cipher if no response is returned by the event dispatcher
|
||||
app('cipher')->encrypt($rawPasswd, config('secure.salt'))
|
||||
);
|
||||
return Arr::get($responses, 0);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -112,7 +114,7 @@ class User extends Model
|
||||
$user->save();
|
||||
|
||||
// save again with password
|
||||
$user->password = static::encryptPassword($password, $user);
|
||||
$user->password = static::getEncryptedPwdFromEvent($password, $user) ?: app('cipher')->hash($password, config('secure.salt'));
|
||||
$user->save();
|
||||
|
||||
return $user;
|
||||
@ -131,7 +133,7 @@ class User extends Model
|
||||
if (isset($responses[0])) {
|
||||
$this->password = $responses[0];
|
||||
} else {
|
||||
$this->password = app('cipher')->encrypt($new_passwd, config('secure.salt'));
|
||||
$this->password = app('cipher')->hash($new_passwd, config('secure.salt'));
|
||||
}
|
||||
|
||||
return $this->save();
|
||||
|
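Review bot: In `verifyPassword`, the event-supplied digest is compared with a loose `==` (`return ($result == $this->password);`), which is not constant-time and treats two numeric-looking strings such as `0e…` hex digests as equal even when they differ. Use `return hash_equals((string) $this->password, (string) $result);` instead. Separately, nothing in these hunks re-hashes a legacy digest after a successful login, so a site that switches `PWD_METHOD` to `PHP_PASSWORD_HASH` would presumably fail `password_verify()` against its existing MD5/SHA rows. A verify-with-old-cipher-then-store-new-hash path is worth adding, or at least documenting next to the setting.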
@ -8,6 +8,7 @@ use Validator;
|
||||
use App\Events;
|
||||
use Illuminate\Support\Arr;
|
||||
use Illuminate\Support\ServiceProvider;
|
||||
use App\Exceptions\PrettyPageException;
|
||||
|
||||
class AppServiceProvider extends ServiceProvider
|
||||
{
|
||||
@ -49,7 +50,14 @@ class AppServiceProvider extends ServiceProvider
|
||||
public function register()
|
||||
{
|
||||
// register default cipher
|
||||
$this->app->singleton('cipher', "App\Services\Cipher\\".config('secure.cipher'));
|
||||
$className = "App\Services\Cipher\\".config('secure.cipher');
|
||||
|
||||
if (class_exists($className)) {
|
||||
$this->app->singleton('cipher', $className);
|
||||
} else {
|
||||
exit(sprintf("No such encrypt method: [%s], please check your .env configuration.", config('secure.cipher')));
|
||||
}
|
||||
|
||||
$this->app->singleton('users', \App\Services\Repositories\UserRepository::class);
|
||||
$this->app->singleton('parsedown', \Parsedown::class);
|
||||
}
|
||||
|
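Review bot: The `class_exists($className)` guard in `register()` accepts any class under `App\Services\Cipher`, including the abstract `BaseCipher` added in this commit, so a wrong value can pass the check and only fail later when the container tries to build the singleton. Checking the contract as well closes that gap, e.g. `if (is_subclass_of($className, \App\Services\Cipher\EncryptInterface::class) && !(new \ReflectionClass($className))->isAbstract())`. Calling `exit()` inside a service provider also ends console commands and test runs with no log entry or stack trace. Throwing an exception (the file already imports `PrettyPageException`) would route the misconfiguration through the normal error handling.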
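--- a/app/Services/Cipher/BaseCipher.php
+++ b/app/Services/Cipher/BaseCipher.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Services\Cipher;
+
+abstract class BaseCipher implements EncryptInterface
+{
+/**
+* {@inheritdoc}
+*/
+public function hash($value, $salt = "")
+{
+//
+}
+
+/**
+* {@inheritdoc}
+*/
+public function verify($password, $hash, $salt = "")
+{
+return ($this->hash($password, $salt) === $hash);
+}
+
+}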
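Review bot: `BaseCipher::verify()` compares the computed and stored digests with `===`, which can return as soon as a differing byte is found; password-hash comparison should be constant-time, `return hash_equals((string) $hash, (string) $this->hash($password, $salt));`. The concrete `hash()` stub has an empty body and therefore returns `null`, so a subclass that forgets to override it would make `verify()` compare `null` with the stored hash instead of failing loudly. Since `EncryptInterface` already declares `hash()`, removing the stub from the abstract class (or declaring it `abstract public function hash($value, $salt = "");`) turns that omission into a fatal error at class load.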
@ -5,11 +5,20 @@ namespace App\Services\Cipher;
|
||||
interface EncryptInterface
|
||||
{
|
||||
/**
|
||||
* Encrypt given string w/ or w/o salt
|
||||
* Encrypt given string with given salt.
|
||||
*
|
||||
* @param string $value
|
||||
* @param string $salt
|
||||
* @return string
|
||||
*/
|
||||
public function encrypt($value, $salt = "");
|
||||
public function hash($value, $salt = "");
|
||||
|
||||
/**
|
||||
* Verifies that the given hash matches the given password.
|
||||
*
|
||||
* @param string $password
|
||||
* @param string $hash
|
||||
* @return bool
|
||||
*/
|
||||
public function verify($password, $hash);
|
||||
}
|
||||
|
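Review bot: The new `verify($password, $hash)` declaration omits the `$salt` argument that `BaseCipher::verify()` and `PHP_PASSWORD_HASH::verify()` both declare and that `User::verifyPassword()` passes as a third argument. A cipher written against the interface alone would never receive the salt, so the contract should read `public function verify($password, $hash, $salt = "");` with a matching `@param string $salt` line. The docblock above `hash()` still begins with "Encrypt given string"; these are one-way digests, so `Hash the given string with the given salt.` would describe the method accurately.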
@ -2,12 +2,12 @@
|
||||
|
||||
namespace App\Services\Cipher;
|
||||
|
||||
class MD5 implements EncryptInterface
|
||||
class MD5 extends BaseCipher
|
||||
{
|
||||
/**
|
||||
* Once MD5 hash
|
||||
*/
|
||||
public function encrypt($value, $salt = "")
|
||||
public function hash($value, $salt = "")
|
||||
{
|
||||
return md5($value);
|
||||
}
|
||||
|
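--- a/app/Services/Cipher/PHP_PASSWORD_HASH.php
+++ b/app/Services/Cipher/PHP_PASSWORD_HASH.php
@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Services\Cipher;
+
+class PHP_PASSWORD_HASH extends BaseCipher
+{
+/**
+* Use password_hash() to create hash.
+*/
+public function hash($value, $salt = "")
+{
+return password_hash($value, PASSWORD_DEFAULT);
+}
+
+public function verify($password, $hash, $salt = "")
+{
+return password_verify($password, $hash);
+}
+}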
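Review bot: Both methods accept `$salt` and silently ignore it, and `verify()` has no docblock, so a reader comparing this class with the salted ciphers cannot tell that the omission is intended. Add a comment to `hash()` such as `// $salt is unused: password_hash() generates a random per-hash salt and embeds it in the output.` and a `{@inheritdoc}` block above `verify()`. `PASSWORD_DEFAULT` currently produces a 60-character string and is allowed to grow in later PHP releases, so the password column must be wide enough to hold it; the schema is not visible on this page, so that needs confirming.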
@ -2,12 +2,12 @@
|
||||
|
||||
namespace App\Services\Cipher;
|
||||
|
||||
class SALTED2MD5 implements EncryptInterface
|
||||
class SALTED2MD5 extends BaseCipher
|
||||
{
|
||||
/**
|
||||
* MD5 hash with salt
|
||||
*/
|
||||
public function encrypt($value, $salt = "")
|
||||
public function hash($value, $salt = "")
|
||||
{
|
||||
return md5(md5($value).$salt);
|
||||
}
|
||||
|
@ -2,12 +2,12 @@
|
||||
|
||||
namespace App\Services\Cipher;
|
||||
|
||||
class SALTED2SHA256 implements EncryptInterface
|
||||
class SALTED2SHA256 extends BaseCipher
|
||||
{
|
||||
/**
|
||||
* SHA256 hash with salt
|
||||
*/
|
||||
public function encrypt($value, $salt = "")
|
||||
public function hash($value, $salt = "")
|
||||
{
|
||||
return hash('sha256', hash('sha256', $value).$salt);
|
||||
}
|
||||
|
@ -2,14 +2,14 @@
|
||||
|
||||
namespace App\Services\Cipher;
|
||||
|
||||
class SALTED2SHA512 implements EncryptInterface
|
||||
class SALTED2SHA512 extends BaseCipher
|
||||
{
|
||||
/**
|
||||
* SHA512 with salt
|
||||
* SHA512 hash with salt
|
||||
*/
|
||||
public function encrypt($value, $salt = "")
|
||||
public function hash($value, $salt = "")
|
||||
{
|
||||
return hash('sha512', hash('sha256', $value).$salt);
|
||||
return hash('sha512', hash('sha512', $value).$salt);
|
||||
}
|
||||
|
||||
}
|
||||
|
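Review bot: The inner digest in `SALTED2SHA512::hash()` appears to change from `hash('sha256', $value)` to `hash('sha512', $value)` (the page lists both lines and has lost the +/- markers), which alters the output for every input. If that reading is right, every password stored under `SALTED2SHA512` before this commit stops verifying, and the commit shows no migration or fallback for those rows. Either keep the original construction under this name and add the corrected one as a separately named cipher, or have `verify()` also accept the legacy form, e.g. `|| hash_equals($hash, hash('sha512', hash('sha256', $password).$salt))`, and re-hash on success.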
@ -2,12 +2,12 @@
|
||||
|
||||
namespace App\Services\Cipher;
|
||||
|
||||
class SHA256 implements EncryptInterface
|
||||
class SHA256 extends BaseCipher
|
||||
{
|
||||
/**
|
||||
* Once SHA256 hash
|
||||
*/
|
||||
public function encrypt($value, $salt = "")
|
||||
public function hash($value, $salt = "")
|
||||
{
|
||||
return hash('sha256', $value);
|
||||
}
|
||||
|
@ -2,12 +2,12 @@
|
||||
|
||||
namespace App\Services\Cipher;
|
||||
|
||||
class SHA512 implements EncryptInterface
|
||||
class SHA512 extends BaseCipher
|
||||
{
|
||||
/**
|
||||
* Once SHA512 hash
|
||||
*/
|
||||
public function encrypt($value, $salt = "")
|
||||
public function hash($value, $salt = "")
|
||||
{
|
||||
return hash('sha512', $value);
|
||||
}
|
||||
|