CakePHP 3 DefaultPasswordHasher [英] CakePHP 3 DefaultPasswordHasher
问题描述
我正在创建一个包含有password和password_again字段的身份验证表单.因此,我可以检查以确保它们匹配,我正在使用UsersTable的beforeSave()函数来处理哈希.作为测试,我刚刚对其进行了设置,以再次向我显示password__,其哈希结果然后消失.
I am working on creating an authentication form that has a password and password_again field in it. So I can check to make sure they match, I am using the beforeSave() function of my UsersTable to take care of the hashing. As a test, I have just set it to show me the password_again, its hashed result and then die.
public function beforeSave($event, $entity){
debug($entity->password_again);
$hasher = new DefaultPasswordHasher();
$entity->password_again = $hasher->hash($entity->password_again);
debug($entity->password_again);
die();
}
我很好奇为什么每次重新加载结果时哈希值都会不断变化.我希望每次重新加载哈希后,哈希值都保持不变.预先感谢.
I am curious as to why the hash keeps changing every time I reload the results. I would have expected the hash to stay the same each time I reloaded it. Thanks in advance.
因此事实证明,您不应该对两个密码都进行哈希处理,然后尝试对它们进行比较.相反,DefaultPasswordHasher-> check(password_again,password_hash)将验证密码是否与您匹配.
So it turns out that you should not hash both passwords and then try to compare them. Instead, the DefaultPasswordHasher->check(password_again, password_hash) will verify if the passwords match for you.
推荐答案
The DefaultPasswordHasher uses PHP's password_hash function which by default uses blowfish algorithm with a different salt each time, resulting in different hash on every invocation.
这篇关于CakePHP 3 DefaultPasswordHasher的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
