1: <?php
 2: /**
 3:  * CakePHP(tm) : Rapid Development Framework (https://cakephp.org)
 4:  * Copyright (c) Cake Software Foundation, Inc. (https://cakefoundation.org)
 5:  *
 6:  * Licensed under The MIT License
 7:  * For full copyright and license information, please see the LICENSE.txt
 8:  * Redistributions of files must retain the above copyright notice.
 9:  *
10:  * @copyright     Copyright (c) Cake Software Foundation, Inc. (https://cakefoundation.org)
11:  * @link          https://cakephp.org CakePHP(tm) Project
12:  * @since         3.0.0
13:  * @license       https://opensource.org/licenses/mit-license.php MIT License
14:  */
15: namespace Cake\Auth;
16: 
17: /**
18:  * Default password hashing class.
19:  */
20: class DefaultPasswordHasher extends AbstractPasswordHasher
21: {
22:     /**
23:      * Default config for this object.
24:      *
25:      * ### Options
26:      *
27:      * - `hashType` - Hashing algo to use. Valid values are those supported by `$algo`
28:      *   argument of `password_hash()`. Defaults to `PASSWORD_DEFAULT`
29:      * - `hashOptions` - Associative array of options. Check the PHP manual for
30:      *   supported options for each hash type. Defaults to empty array.
31:      *
32:      * @var array
33:      */
34:     protected $_defaultConfig = [
35:         'hashType' => PASSWORD_DEFAULT,
36:         'hashOptions' => []
37:     ];
38: 
39:     /**
40:      * Generates password hash.
41:      *
42:      * @param string $password Plain text password to hash.
43:      * @return string|false Password hash or false on failure
44:      * @link https://book.cakephp.org/3.0/en/controllers/components/authentication.html#hashing-passwords
45:      */
46:     public function hash($password)
47:     {
48:         return password_hash(
49:             $password,
50:             $this->_config['hashType'],
51:             $this->_config['hashOptions']
52:         );
53:     }
54: 
55:     /**
56:      * Check hash. Generate hash for user provided password and check against existing hash.
57:      *
58:      * @param string $password Plain text password to hash.
59:      * @param string $hashedPassword Existing hashed password.
60:      * @return bool True if hashes match else false.
61:      */
62:     public function check($password, $hashedPassword)
63:     {
64:         return password_verify($password, $hashedPassword);
65:     }
66: 
67:     /**
68:      * Returns true if the password need to be rehashed, due to the password being
69:      * created with anything else than the passwords generated by this class.
70:      *
71:      * @param string $password The password to verify
72:      * @return bool
73:      */
74:     public function needsRehash($password)
75:     {
76:         return password_needs_rehash($password, $this->_config['hashType'], $this->_config['hashOptions']);
77:     }
78: }
79: