卓越飞翔博客
在Laravel中,您可以使用Hash外观模块来处理密码。它具有bcrypt函数,可以帮助您安全地存储密码。
Hash门面bcrypt()方法是一种强大的密码哈希方式。它可以防止恶意用户破解使用bcrypt()生成的密码。
The hashing details are available inside config/hashing.php. The default driver has bcrypt() as the hashing to be used.
Hashing Passwords
要使用Hash Facade,您需要包含以下类:
IlluminateSupportFacadesHash
Example
要对密码进行哈希处理,您可以使用make()方法。以下是一个哈希密码的示例
<?php
namespace AppHttpControllers;
use IlluminateHttpRequest;
use AppModelsStudent;
use IlluminateSupportFacadesHash;
class StudentController extends Controller {
public function index() {
echo $hashed = Hash::make('password', [
'rounds' => 15,
]);
}
}
Output
The output of the above code is
$2y$15$QKYQhdKcDSsMmIXZmwyF/.sihzQDhxtgF5WNiy4fdocNm6LiVihZi
Verifying if the password matches with a hashed password
要验证明文文本即Hash::make中使用的文本是否与哈希值匹配,可以使用check()方法。
如果纯文本与哈希密码匹配,check()方法返回true,否则返回false。
<?php
namespace AppHttpControllers;
use IlluminateHttpRequest;
use AppModelsStudent;
use IlluminateSupportFacadesHash;
class StudentController extends Controller {
public function index() {
$hashed = Hash::make('password', [
'rounds' => 15,
]);
if (Hash::check('password', $hashed)) {
echo "Password matching";
} else {
echo "Password is not matching";
}
}
}
Output
The output of the above code is
Password matching
使用check()方法
让我们现在通过提供错误的纯文本来测试,并查看 check() 方法的响应。
<?php
namespace AppHttpControllers;
use IlluminateHttpRequest;
use AppModelsStudent;
use IlluminateSupportFacadesHash;
class StudentController extends Controller {
public function index() {
$hashed = Hash::make('password', [
'rounds' => 15,
]);
if (Hash::check('password123', $hashed)) {
echo "Password matching";
} else {
echo "Password is not matching";
}
}
}
我们在哈希中使用的纯文本是“password”。在check方法中,我们使用了“password123”,因为文本与哈希文本不匹配,所以输出为“密码不匹配”。
Output
当您在浏览器中执行时,输出将是 -
Password is not matching
对密码进行两次哈希
Let us now hash the same text twice and compare it in the check() method −
$testhash1 = Hash::make('mypassword');
$testhash2 = Hash::make('mypassword');
if (Hash::check('mypassword', $testhash1) && Hash::check('mypassword', $testhash2)) {
echo "Password matching";
} else {
echo "Password not matching";
}
You can test the complete code in the browser as shown below −
<?php
namespace AppHttpControllers;
use IlluminateHttpRequest;
use AppModelsStudent;
use IlluminateSupportFacadesHash;
class StudentController extends Controller {
public function index() {
$testhash1 = Hash::make('mypassword');
$testhash2 = Hash::make('mypassword');
if (Hash::check('mypassword', $testhash1) && Hash::check('mypassword', $testhash2)) {
echo "Password matching";
} else {
echo "Password not matching";
}
}
}
Output
上述代码的输出为 −
Password matching
使用bcrypt()方法
You can also try using the bcrypt() method and test the plain text with hashed one using Hash::check().
<?php
namespace AppHttpControllers;
use IlluminateHttpRequest;
use AppModelsStudent;
use IlluminateSupportFacadesHash;
class StudentController extends Controller {
public function index() {
$hashedtext = bcrypt('mypassword');
if (Hash::check('mypassword', $hashedtext)) {
echo 'Password matches';
} else{
echo 'Password not matching';
}
}
}
Output
上述代码的输出为 -
Password matches
