BCryptPasswordEncoder
class BCryptPasswordEncoder extends BasePasswordEncoder
Constants
MAX_PASSWORD_LENGTH |
Methods
__construct(int $cost) | ||
string | encodePassword(string $raw, string $salt) Encodes the raw password. |
|
bool | isPasswordValid(string $encoded, string $raw, string $salt) Checks a raw password against an encoded password. |
Details
__construct(int $cost)
Parameters
int | $cost | The algorithmic cost that should be used |
Exceptions
RuntimeException | When no BCrypt encoder is available |
InvalidArgumentException | if cost is out of range |
string encodePassword(string $raw, string $salt)
Encodes the raw password.
It doesn't work with PHP versions lower than 5.3.7, since the password compat library uses CRYPT_BLOWFISH hash type with the "$2y$" salt prefix (which is not available in the early PHP versions).
Parameters
string | $raw | The password to encode |
string | $salt | The salt |
Return Value
string | The encoded password |
Exceptions
BadCredentialsException | when the given password is too long |
See also
https://github.com/ircmaxell/password_compat/issues/10#issuecomment-11203833 It | is almost best to **not** pass a salt and let PHP generate one for you. |
http://lxr.php.net/xref/PHP_5_5/ext/standard/password.c#111 |
bool isPasswordValid(string $encoded, string $raw, string $salt)
Checks a raw password against an encoded password.
Parameters
string | $encoded | An encoded password |
string | $raw | A raw password |
string | $salt | The salt |
Return Value
bool | true if the password is valid, false otherwise |
© 2004–2017 Fabien Potencier
Licensed under the MIT License.
http://api.symfony.com/2.8/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.html