function SystemRequirementsHooks::checkPasswordHashing

Same name and namespace in other branches
  1. 11.x core/modules/system/src/Hook/SystemRequirementsHooks.php \Drupal\system\Hook\SystemRequirementsHooks::checkPasswordHashing()

Builds password hashing requirements check result.

Return value

array Hashing requirements result.

1 call to SystemRequirementsHooks::checkPasswordHashing()
SystemRequirementsHooks::checkRequirements in core/modules/system/src/Hook/SystemRequirementsHooks.php
Check requirements for a given phase.

File

core/modules/system/src/Hook/SystemRequirementsHooks.php, line 1535

Class

SystemRequirementsHooks
Requirements hook implementations for system module.

Namespace

Drupal\system\Hook

Code

protected function checkPasswordHashing() : array {
  $availableAlgorithms = password_algos();
  $hashingAlgorithm = \Drupal::getContainer()->getParameter('password.algorithm') ?? PASSWORD_DEFAULT;
  if (!in_array($hashingAlgorithm, $availableAlgorithms, TRUE)) {
    return [
      'title' => $this->t('Password hashing'),
      'value' => $this->t('The configured password hashing algorithm %algorithm is not available in your PHP installation. Ensure that the <a href=":url">necessary PHP extensions</a> are installed and that the Drupal password hashing configuration is correct.', [
        '%algorithm' => $hashingAlgorithm,
        ':url' => 'https://www.php.net/manual/password.requirements.php',
      ]),
      'severity' => RequirementSeverity::Error,
    ];
  }
  if ($hashingAlgorithm !== PASSWORD_BCRYPT) {
    return [
      'title' => $this->t('Password hashing'),
      'value' => $this->t('Passwords are hashed with the %algorithm algorithm.', [
        '%algorithm' => $hashingAlgorithm,
      ]),
      'severity' => RequirementSeverity::Info,
    ];
  }
  if (count(array_intersect([
    'argon2id',
    'argon2i',
  ], $availableAlgorithms)) > 0) {
    return [
      'title' => $this->t('Password hashing'),
      'value' => $this->t('Passwords are hashed with the bcrypt algorithm. It is recommended to <a href=":url">switch</a> to argon2id.', [
        ':url' => 'https://www.drupal.org/node/3530196',
      ]),
      'severity' => RequirementSeverity::Warning,
    ];
  }
  return [
    'title' => $this->t('Password hashing'),
    'value' => $this->t('Passwords are hashed with the bcrypt algorithm. It is recommended to enable <a href=":url">argon2 password hashing</a> in your PHP installation and to switch to argon2id.', [
      ':url' => 'https://www.php.net/manual/password.requirements.php',
    ]),
    'severity' => RequirementSeverity::Warning,
  ];
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.