Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Make hash password strategy work as advertised

  • Loading branch information...
commit 971f0fc3674c0823ed18f7893f177b82cd650d37 1 parent bec9c2a
@phpnode authored
Showing with 49 additions and 49 deletions.
  1. +49 −49 AHashPasswordStrategy.php
View
98 AHashPasswordStrategy.php
@@ -1,50 +1,50 @@
-<?php
-/**
- * A password strategy based on multiple rounds of hashes.
- * The default implementation encodes passwords using 100 rounds of sha1
- * @author Charles Pick
- * @package packages.passwordStrategy
- */
-class AHashPasswordStrategy extends APasswordStrategy {
-
- /**
- * The work factor used when hashing passwords.
- * The higher the work factor the more computationally expensive
- * it is to encode and validate passwords. So it makes your passwords
- * harder to crack, but it can also be a burden on your own server.
- *
- * @var integer
- */
- public $workFactor = 100;
-
- /**
- * The hash method to use when encoding passwords
- * @var Callable
- */
- public $hashMethod = array("sha1");
-
- /**
- * Generates a random salt to use when noncing passwords
- * @return string the random salt
- */
- protected function generateSalt()
- {
- return sha1(uniqid("",true));
- }
-
- /**
- * Encode a plain text password.
- * Child classes should implement this method and do their encoding here
- * @param string $password the plain text password to encode
- * @return string the encoded password
- */
- public function encode($password)
- {
- $hash = $this->getSalt()."###".$password;
- for($i = 0; $i < $this->workFactor; $i++) {
- $hash = sha1($hash);
- }
- return $hash;
- }
-
+<?php
+/**
+ * A password strategy based on multiple rounds of hashes.
+ * The default implementation encodes passwords using 100 rounds of sha1
+ * @author Charles Pick
+ * @package packages.passwordStrategy
+ */
+class AHashPasswordStrategy extends APasswordStrategy {
+
+ /**
+ * The work factor used when hashing passwords.
+ * The higher the work factor the more computationally expensive
+ * it is to encode and validate passwords. So it makes your passwords
+ * harder to crack, but it can also be a burden on your own server.
+ *
+ * @var integer
+ */
+ public $workFactor = 100;
+
+ /**
+ * The hash method to use when encoding passwords
+ * @var Callable
+ */
+ public $hashMethod = "sha1";
+
+ /**
+ * Generates a random salt to use when noncing passwords
+ * @return string the random salt
+ */
+ protected function generateSalt()
+ {
+ return call_user_func_array($this->hashMethod,array(uniqid("",true)));
+ }
+
+ /**
+ * Encode a plain text password.
+ * Child classes should implement this method and do their encoding here
+ * @param string $password the plain text password to encode
+ * @return string the encoded password
+ */
+ public function encode($password)
+ {
+ $hash = $this->getSalt()."###".$password;
+ for($i = 0; $i < $this->workFactor; $i++) {
+ $hash = call_user_func_array($this->hashMethod,array($hash));
+ }
+ return $hash;
+ }
+
}
Please sign in to comment.
Something went wrong with that request. Please try again.