-
Notifications
You must be signed in to change notification settings - Fork 3.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1275 from ADmad/2.4-auth-hashtype
Added password hasher
- Loading branch information
Showing
8 changed files
with
328 additions
and
72 deletions.
There are no files selected for viewing
73 changes: 73 additions & 0 deletions
73
lib/Cake/Controller/Component/Auth/AbstractPasswordHasher.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
<?php | ||
/** | ||
* PHP 5 | ||
* | ||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org) | ||
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org) | ||
* | ||
* Licensed under The MIT License | ||
* For full copyright and license information, please see the LICENSE.txt | ||
* Redistributions of files must retain the above copyright notice. | ||
* | ||
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org) | ||
* @link http://cakephp.org CakePHP(tm) Project | ||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php) | ||
*/ | ||
|
||
/** | ||
* Abstract password hashing class | ||
* | ||
* @package Cake.Controller.Component.Auth | ||
*/ | ||
abstract class AbstractPasswordHasher { | ||
|
||
/** | ||
* Configurations for this object. Settings passed from authenticator class to | ||
* the constructor are merged with this property. | ||
* | ||
* @var array | ||
*/ | ||
protected $_config = array(); | ||
|
||
/** | ||
* Constructor | ||
* | ||
* @param array $config Array of config. | ||
*/ | ||
public function __construct($config = array()) { | ||
$this->config($config); | ||
} | ||
|
||
/** | ||
* Get/Set the config | ||
* | ||
* @param array $config Sets config, if null returns existing config | ||
* @return array Returns configs | ||
*/ | ||
public function config($config = null) { | ||
if (is_array($config)) { | ||
$this->_config = array_merge($this->_config, $config); | ||
} | ||
return $this->_config; | ||
} | ||
|
||
/** | ||
* Generates password hash. | ||
* | ||
* @param string|array $password Plain text password to hash or array of data | ||
* required to generate password hash. | ||
* @return string Password hash | ||
*/ | ||
abstract public function hash($password); | ||
|
||
/** | ||
* Check hash. Generate hash from user provided password string or data array | ||
* and check against existing hash. | ||
* | ||
* @param string|array $password Plain text password to hash or data array. | ||
* @param string Existing hashed password. | ||
* @return boolean True if hashes match else false. | ||
*/ | ||
abstract public function check($password, $hashedPassword); | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
47 changes: 47 additions & 0 deletions
47
lib/Cake/Controller/Component/Auth/BlowfishPasswordHasher.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
<?php | ||
/** | ||
* PHP 5 | ||
* | ||
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org) | ||
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org) | ||
* | ||
* Licensed under The MIT License | ||
* For full copyright and license information, please see the LICENSE.txt | ||
* Redistributions of files must retain the above copyright notice. | ||
* | ||
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org) | ||
* @link http://cakephp.org CakePHP(tm) Project | ||
* @license MIT License (http://www.opensource.org/licenses/mit-license.php) | ||
*/ | ||
App::uses('AbstractPasswordHasher', 'Controller/Component/Auth'); | ||
App::uses('Security', 'Utility'); | ||
|
||
/** | ||
* Blowfish password hashing class. | ||
* | ||
* @package Cake.Controller.Component.Auth | ||
*/ | ||
class BlowfishPasswordHasher extends AbstractPasswordHasher { | ||
|
||
/** | ||
* Generates password hash. | ||
* | ||
* @param string $password Plain text password to hash. | ||
* @return string Password hash | ||
*/ | ||
public function hash($password) { | ||
return Security::hash($password, 'blowfish', false); | ||
} | ||
|
||
/** | ||
* Check hash. Generate hash for user provided password and check against existing hash. | ||
* | ||
* @param string $password Plain text password to hash. | ||
* @param string Existing hashed password. | ||
* @return boolean True if hashes match else false. | ||
*/ | ||
public function check($password, $hashedPassword) { | ||
return $hashedPassword === Security::hash($password, 'blowfish', $hashedPassword); | ||
} | ||
|
||
} |
Oops, something went wrong.