class PhpPassword
Same name in other branches
- 10 core/lib/Drupal/Core/Password/PhpPassword.php \Drupal\Core\Password\PhpPassword
Secure PHP password hashing functions.
Hierarchy
- class \Drupal\Core\Password\PhpPassword implements \Drupal\Core\Password\PasswordInterface
Expanded class hierarchy of PhpPassword
See also
https://www.php.net/manual/en/book.password.php
2 files declare their use of PhpPassword
- PasswordVerifyTest.php in core/
modules/ phpass/ tests/ src/ Unit/ PasswordVerifyTest.php - PhpPasswordTest.php in core/
tests/ Drupal/ Tests/ Core/ Password/ PhpPasswordTest.php
1 string reference to 'PhpPassword'
- user_custom_pass_hash_params_test.services.yml in core/
modules/ user/ tests/ modules/ user_custom_pass_hash_params_test/ user_custom_pass_hash_params_test.services.yml - core/modules/user/tests/modules/user_custom_pass_hash_params_test/user_custom_pass_hash_params_test.services.yml
1 service uses PhpPassword
- password in core/
modules/ user/ tests/ modules/ user_custom_pass_hash_params_test/ user_custom_pass_hash_params_test.services.yml - Drupal\Core\Password\PhpPassword
File
-
core/
lib/ Drupal/ Core/ Password/ PhpPassword.php, line 10
Namespace
Drupal\Core\PasswordView source
class PhpPassword implements PasswordInterface {
/**
* Constructs a new password hashing instance.
*
* @param string $algorithm
* The hashing algorithm to use. Defaults to PHP default.
* @param array $options
* List of options. Refer to password_hash() for available options.
*
* @see https://www.php.net/password_hash
*/
public function __construct(string $algorithm = PASSWORD_DEFAULT, array $options = []) {
}
/**
* {@inheritdoc}
*/
public function hash($password) {
// Prevent DoS attacks by refusing to hash large passwords.
if (strlen($password) > static::PASSWORD_MAX_LENGTH) {
return FALSE;
}
return password_hash($password, $this->algorithm, $this->options);
}
/**
* {@inheritdoc}
*/
public function check($password, $hash) {
// Prevent DoS attacks by refusing to check large passwords.
if (strlen($password) > static::PASSWORD_MAX_LENGTH) {
return FALSE;
}
// Newly created accounts may have empty passwords.
if ($hash === NULL || $hash === '') {
return FALSE;
}
return password_verify($password, $hash);
}
/**
* {@inheritdoc}
*/
public function needsRehash($hash) {
return password_needs_rehash($hash, $this->algorithm, $this->options);
}
}Members
| Title Sort descending | Modifiers | Object type | Summary | Overriden Title |
|---|---|---|---|---|
| PasswordInterface::PASSWORD_MAX_LENGTH | constant | Maximum password length. | ||
| PhpPassword::check | public | function | Check whether a plain text password matches a hashed password. | Overrides PasswordInterface::check |
| PhpPassword::hash | public | function | Hash a password using a secure hash. | Overrides PasswordInterface::hash |
| PhpPassword::needsRehash | public | function | Check whether a hashed password needs to be replaced with a new hash. | Overrides PasswordInterface::needsRehash |
| PhpPassword::__construct | public | function | Constructs a new password hashing instance. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.