如何解密Laravel中的哈希密码 [英] How to decrypt Hash Password in Laravel

问题描述

我有谷歌这么多，但不幸的是发现没有工作的解决方案。

我知道它是一个坏的技术，但我需要通过电子邮件发送用户的密码。

我已经设法发送用户哈希密码，但我无法解密此密码。

以下是我使用的过程。

  $ results = DB :: select（select * from dockl_users where email ='。Input :: get（'email'）。';）; 
 
 foreach（$ results as $ data）{
 $ password = $ data-> password; 
 $ email = $ data->电子邮件; 
 
} 
 
 Mail :: send（'passwordRecovery'，array（'email'=> $ password），function（$ message）
 {
 $ message-> to（Input :: get（'email'）） - > subject（'Password Recovery'）; 
}）; 
  

上述代码将加密密码发送到用户通过电子邮件，但是当我尝试解密，它给我以下错误消息。

  $ decrypt = Crypt :: decrypt（$ DATA->密码）; 
  

无效数据。

  throw new DecryptException（Invalid data。）; 
  

请指导我如何实现这个..

解决方案

简单的答案是你不会解密密码（因为它没有加密 - 它是散列的）。

长的答案是你不应该通过电子邮件或任何其他方式发送用户他们的密码。如果用户忘记了密码，您应该向他们发送密码重置电子邮件，并允许他们在您的网站上更改密码。

Laravel内置了大部分功能（请参阅 Laravel文档 - 我是不会在这里复制全部。也可以使用 4.2 版本和Laravel的 5.0 ）。

要进一步阅读，请查看这个blogoverflow帖子：为什么密码应该被哈希。

I have google this alot, but unfortunatilty found no working solution.

I know its a bad technique, but I need to send user its password by email.

I have manage to sent user Hash password, but i am unable to decrypt this password.

The following is the procedure i am using.

    $results = DB::select("select * from dockl_users where email='" . Input::get('email')  ."';");      

                foreach($results as $data){
                $password=          $data->password;
                $email=             $data->email;

               }

            Mail::send('passwordRecovery', array('email' =>$password), function($message)
            {
                $message->to(Input::get('email') )->subject('Password Recovery');
            });

The above code send Encrypted password to the user by email but when i try to decrypt, it gives me following error message.

$decrypt= Crypt::decrypt($data->password);  

Invalid data.

throw new DecryptException("Invalid data.");

Kindly guide me how to achieve this..

解决方案

Short answer is that you don't 'decrypt' the password (because it's not encrypted - it's hashed).

The long answer is that you shouldn't send the user their password by email, or any other way. If the user has forgotten their password, you should send them a password reset email, and allow them to change their password on your website.

Laravel has most of this functionality built in (see the Laravel documentation - I'm not going to replicate it all here. Also available for versions 4.2 and 5.0 of Laravel).

For further reading, check out this 'blogoverflow' post: Why passwords should be hashed.

这篇关于如何解密Laravel中的哈希密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！