function PhpPasswordTest::testPasswordRehashing

Same name and namespace in other branches
  1. 11.x core/tests/Drupal/Tests/Core/Password/PhpPasswordTest.php \Drupal\Tests\Core\Password\PhpPasswordTest::testPasswordRehashing()

Tests password rehashing.

@covers ::hash
@covers ::check
@covers ::needsRehash

File

core/tests/Drupal/Tests/Core/Password/PhpPasswordTest.php, line 73

Class

PhpPasswordTest
Unit tests for password hashing API.

Namespace

Drupal\Tests\Core\Password

Code

public function testPasswordRehashing() : void {
  // Increment the cost by one.
  $strongHasher = new PhpPassword(PASSWORD_BCRYPT, [
    'cost' => 6,
  ]);
  $this->assertTrue($strongHasher->needsRehash($this->passwordHash), 'Needs a new hash after incrementing the cost option.');
  // Re-hash the password.
  $rehashedPassword = $strongHasher->hash($this->password);
  $this->assertNotEquals($rehashedPassword, $this->passwordHash, 'Password hash changed again.');
  // Now the hash should be OK.
  $this->assertFalse($strongHasher->needsRehash($rehashedPassword), 'Re-hashed password does not need a new hash.');
  $this->assertTrue($strongHasher->check($this->password, $rehashedPassword), 'Password check succeeds with re-hashed password.');
  $this->assertTrue($this->passwordHasher
    ->check($this->password, $rehashedPassword), 'Password check succeeds with re-hashed password with original hasher.');
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.