Created
October 11, 2017 20:16
-
-
Save foxycode/4cf2cfb6888f05a9f14ede5641f5f2a6 to your computer and use it in GitHub Desktop.
Prestashop password rehash class
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php declare(strict_types=1); | |
final class Passwords | |
{ | |
private const OLD_SALT = 'xxx'; | |
public const PS_OLD = 'prestashop_old'; | |
public const PS_HASHED = 'prestashop_hashed'; | |
public const BCRYPT = 'bcrypt'; | |
/** | |
* Computes salted password hash. | |
*/ | |
public static function hash(string $password): string | |
{ | |
$hash = password_hash($password, PASSWORD_BCRYPT); | |
if ($hash === FALSE || strlen($hash) < 60) { | |
throw new \Exception('Hash computed by password_hash is invalid.'); | |
} | |
return $hash; | |
} | |
/** | |
* Verifies that a password matches a hash. | |
*/ | |
public static function verify(string $password, string $passwordType, string $hash): bool | |
{ | |
if ($passwordType === self::PS_OLD) { | |
return md5(pSQL(self::OLD_SALT . $password)) === $hash; | |
} | |
if ($passwordType === self::PS_HASHED) { | |
$password = md5(pSQL(self::OLD_SALT . $password)); | |
} | |
return password_verify($password, $hash); | |
} | |
/** | |
* Checks if the given hash matches the options. | |
*/ | |
public static function needsRehash(string $hash, string $passwordType): bool | |
{ | |
if ($passwordType !== self::BCRYPT) { | |
return TRUE; | |
} | |
return password_needs_rehash($hash, PASSWORD_BCRYPT); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment