/
FallbackPasswordHasher.php
107 lines (99 loc) · 3 KB
/
FallbackPasswordHasher.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
<?php
/**
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @since 3.0.0
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
namespace Cake\Auth;
/**
* A password hasher that can use multiple different hashes where only
* one is the preferred one. This is useful when trying to migrate an
* existing database of users from one password type to another.
*
*/
class FallbackPasswordHasher extends AbstractPasswordHasher
{
/**
* Default config for this object.
*
* @var array
*/
protected $_defaultConfig = [
'hashers' => []
];
/**
* Holds the list of password hasher objects that will be used
*
* @var array
*/
protected $_hashers = [];
/**
* Constructor
*
* @param array $config configuration options for this object. Requires the
* `hashers` key to be present in the array with a list of other hashers to be
* used
*/
public function __construct(array $config = [])
{
parent::__construct($config);
foreach ($this->_config['hashers'] as $key => $hasher) {
if (!is_string($hasher)) {
$hasher += [
'className' => $key,
];
}
$this->_hashers[] = PasswordHasherFactory::build($hasher);
}
}
/**
* Generates password hash.
*
* Uses the first password hasher in the list to generate the hash
*
* @param string $password Plain text password to hash.
* @return string Password hash
*/
public function hash($password)
{
return $this->_hashers[0]->hash($password);
}
/**
* Verifies that the provided password corresponds to its hashed version
*
* This will iterate over all configured hashers until one of them returns
* true.
*
* @param string $password Plain text password to hash.
* @param string $hashedPassword Existing hashed password.
* @return bool True if hashes match else false.
*/
public function check($password, $hashedPassword)
{
foreach ($this->_hashers as $hasher) {
if ($hasher->check($password, $hashedPassword)) {
return true;
}
}
return false;
}
/**
* Returns true if the password need to be rehashed, with the first hasher present
* in the list of hashers
*
* @param string $password The password to verify
* @return bool
*/
public function needsRehash($password)
{
return $this->_hashers[0]->needsRehash($password);
}
}