Password column must support SHA256|SALT style password storage. #52
The legacy password support is a bit different than the ticket describes.
user.password works as normal, but is now nullable.
user.password_legacy is a nullable mediumText field that is built to store JSON encoded arrays with information about non-standard authentication keys.
Laravel has a built-in way of dealing with password encryption upgrades that runs off how PHP does it, but for old encryption methods it needs legacy keys.
Right now there is only one legacy item and it looks like this.
```json
{
    "hasher": "Vichan",
    "hash": "3eb2ab8ecbc61500797c5a4e5cb695ec6e0daf106f25c7b7e817a9fe1e138765",
    "options": {
        "salt": "645543a56f8689599b5653bc1f7df8cc"
    }
}
```
This instructs the new EloquentUserProvider to load \App\Services\Hasher\VichanHasher instead of \Illuminate\Hasher\BcryptHasher for dealing with the information. This model is preloaded with the property salt, as defined, and given the input plaintext password. The VichanHasher then uses the unique methodology that Vichan uses to generate a hash and compares it to the hash key.
If it all checks out, then the password_legacy is cleared and the password is properly bcrypted into password.
This can be set up to handle any sort of password authentication.
If a password is the length of SHA256 + 1 + 32, then the pass algorithm needs to be different.
If the password is the length of 60, then use BCRYPT comparison.
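The verify-then-upgrade flow described in the comment above (check the `password_legacy` record, then clear it and store bcrypt in `password`), together with the ticket's 60-character bcrypt case, as an added example that is not the project's code. The function names and the array standing in for the user row are hypothetical, and the legacy digest recipe `sha256(salt . sha1(password))` is an assumption used as a stand-in, since the thread does not show what `VichanHasher` computes.

```php
<?php
// Added example, not code from the project. legacyDigest() is a stand-in
// assumption for the legacy scheme: sha256(salt . sha1(password)).
function legacyDigest(string $plain, string $salt): string
{
    return hash('sha256', $salt . sha1($plain));
}

// Check $plain against a user row and upgrade the stored hash on success.
// $user has 'password' (bcrypt or null) and 'password_legacy' (JSON or null).
function attempt(array &$user, string $plain): bool
{
    if ($user['password'] !== null) {
        if (!password_verify($plain, $user['password'])) {
            return false;
        }
        if (password_needs_rehash($user['password'], PASSWORD_BCRYPT)) {
            $user['password'] = password_hash($plain, PASSWORD_BCRYPT);
        }
        return true;
    }
    $legacy = json_decode((string) $user['password_legacy'], true);
    if (!is_array($legacy) || ($legacy['hasher'] ?? null) !== 'Vichan'
        || !is_string($legacy['hash'] ?? null)
        || !is_string($legacy['options']['salt'] ?? null)) {
        return false; // missing, malformed or unknown hasher: fail closed
    }
    $expected = legacyDigest($plain, $legacy['options']['salt']);
    if (!hash_equals($legacy['hash'], $expected)) { // constant-time compare
        return false;
    }
    // Legacy check passed: store bcrypt and drop the weaker legacy hash.
    $user['password'] = password_hash($plain, PASSWORD_BCRYPT);
    $user['password_legacy'] = null;
    return true;
}

// Constructed sample row: legacy-only account with a random salt.
$salt = bin2hex(random_bytes(16));
$user = ['password' => null, 'password_legacy' => json_encode([
    'hasher' => 'Vichan', 'hash' => legacyDigest('correct horse', $salt),
    'options' => ['salt' => $salt],
])];
var_dump(attempt($user, 'wrong'));          // rejected, row unchanged
var_dump(attempt($user, 'correct horse'));  // accepted via legacy path
var_dump($user['password_legacy'] === null, strlen($user['password']) === 60);
var_dump(attempt($user, 'correct horse'));  // accepted via bcrypt path
```

Until an account logs in successfully, its weaker legacy hash stays in the database, so dormant accounts keep the old exposure.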