1: <?php
 2: /**
 3:  * CakePHP(tm) : Rapid Development Framework (https://cakephp.org)
 4:  * Copyright (c) Cake Software Foundation, Inc. (https://cakefoundation.org)
 5:  *
 6:  * Licensed under The MIT License
 7:  * For full copyright and license information, please see the LICENSE.txt
 8:  * Redistributions of files must retain the above copyright notice.
 9:  *
10:  * @copyright     Copyright (c) Cake Software Foundation, Inc. (https://cakefoundation.org)
11:  * @link          https://cakephp.org CakePHP(tm) Project
12:  * @since         3.0.0
13:  * @license       https://opensource.org/licenses/mit-license.php MIT License
14:  */
15: namespace Cake\Auth;
16: 
17: /**
18:  * Default password hashing class.
19:  */
20: class DefaultPasswordHasher extends AbstractPasswordHasher
21: {
22: 
23:     /**
24:      * Default config for this object.
25:      *
26:      * ### Options
27:      *
28:      * - `hashType` - Hashing algo to use. Valid values are those supported by `$algo`
29:      *   argument of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
30:      * - `hashOptions` - Associative array of options. Check the PHP manual for
31:      *   supported options for each hash type. Defaults to empty array.
32:      *
33:      * @var array
34:      */
35:     protected $_defaultConfig = [
36:         'hashType' => PASSWORD_DEFAULT,
37:         'hashOptions' => []
38:     ];
39: 
40:     /**
41:      * Generates password hash.
42:      *
43:      * @param string $password Plain text password to hash.
44:      * @return bool|string Password hash or false on failure
45:      * @link https://book.cakephp.org/3.0/en/controllers/components/authentication.html#hashing-passwords
46:      */
47:     public function hash($password)
48:     {
49:         return password_hash(
50:             $password,
51:             $this->_config['hashType'],
52:             $this->_config['hashOptions']
53:         );
54:     }
55: 
56:     /**
57:      * Check hash. Generate hash for user provided password and check against existing hash.
58:      *
59:      * @param string $password Plain text password to hash.
60:      * @param string $hashedPassword Existing hashed password.
61:      * @return bool True if hashes match else false.
62:      */
63:     public function check($password, $hashedPassword)
64:     {
65:         return password_verify($password, $hashedPassword);
66:     }
67: 
68:     /**
69:      * Returns true if the password need to be rehashed, due to the password being
70:      * created with anything else than the passwords generated by this class.
71:      *
72:      * @param string $password The password to verify
73:      * @return bool
74:      */
75:     public function needsRehash($password)
76:     {
77:         return password_needs_rehash($password, $this->_config['hashType'], $this->_config['hashOptions']);
78:     }
79: }
80: