如何在Laravel 4中使用SHA1加密代替BCrypt? [英] How to use SHA1 encryption instead of BCrypt in Laravel 4?
问题描述
我正在为游戏开发一个所谓的AAC(自动帐户创建者),它基本上是一个具有创建帐户,玩家以及为玩家提供更多功能的网站.该服务器仅支持SHA1和Plain-这是完全不安全的.我无法深入研究源代码并进行更改.如果有可以使用SHA1的信息,我将不胜感激.我刚刚阅读了BCrypt,这很棒,但是我不能真正更改源代码以适合BCrypt.我设法将SHA1这样注册:
I'm developing a so called AAC (Automatic Account Creator) for a game, it's basically a site with functions to create accounts, players and several more things for players. The server only supports SHA1 and plain - which is totally unsafe. I can't dive into the source code and make changes. If there's anyway to use SHA1 I would be grateful. I just read about BCrypt, it's great but I can't really change the source code to suit BCrypt. I managed to put SHA1 on registration like this:
$password = $input['password'];
$password = sha1($password);
但是我根本无法登录.我做错了吗?好像Laravel不允许我登录.
But I simply can't login. am I doing it wrong? seems like Laravel won't let me login.
我有get_register和post_register,也有get_login和post_login.我是否需要在post_login中进行更改以使其登录或?
有什么提示吗?
I've got get_register and post_register, also I've got get_login and post_login. Do i need to change something in the post_login to make it login or?
any hints?
我在WAMP上使用Laravel的php服务器(php artisan服务)和phpMyAdmin.我认为Laravel在通过Auth::attempt方法检查数据库时会进行检查laravel正在做某种形式的散列检查当前pw和已登录的pw以相互检查.
I'm using Laravel's php server (php artisan serve) and phpMyAdmin on WAMP. I think Laravel checks when you are checking the DB via the Auth::attempt method laravel is doing some form of hashing to check the current pw and the logged in one to check against each other.
推荐答案
您将不得不重写Hash模块.多亏Laravel遵循IoC和依赖注入概念的想法,这才相对容易.
You'll have to rewrite the Hash module. Thanks to Laravel's ideas of following IoC and Dependency Injection concepts, it'll be relatively easy.
首先,创建一个app/libraries文件夹并将其添加到作曲家的autoload.classmap:
First, create a app/libraries folder and add it to composer's autoload.classmap:
"autoload": {
"classmap": [
// ...
"app/libraries"
]
},
现在是时候创建类了.创建一个实现Illuminate\Hashing\HasherInterface的SHAHasher类.我们需要实现它的3种方法:make,check和needsRehash.
Now, it's time we create our class. Create a SHAHasher class, implementing Illuminate\Hashing\HasherInterface. We'll need to implement its 3 methods: make, check and needsRehash.
注意:在Laravel 5上,实施Illuminate/Contracts/Hashing/Hasher而不是Illuminate\Hashing\HasherInterface.
Note: On Laravel 5, implement Illuminate/Contracts/Hashing/Hasher instead of Illuminate\Hashing\HasherInterface.
app/libraries/SHAHasher.php
class SHAHasher implements Illuminate\Hashing\HasherInterface {
/**
* Hash the given value.
*
* @param string $value
* @return array $options
* @return string
*/
public function make($value, array $options = array()) {
return hash('sha1', $value);
}
/**
* Check the given plain value against a hash.
*
* @param string $value
* @param string $hashedValue
* @param array $options
* @return bool
*/
public function check($value, $hashedValue, array $options = array()) {
return $this->make($value) === $hashedValue;
}
/**
* Check if the given hash has been hashed using the given options.
*
* @param string $hashedValue
* @param array $options
* @return bool
*/
public function needsRehash($hashedValue, array $options = array()) {
return false;
}
}
现在我们已经完成了我们的类,我们希望Laravel在默认情况下使用它.为此,我们将创建SHAHashServiceProvider,扩展Illuminate\Support\ServiceProvider,并将其注册为hash组件:
Now that we have our class done, we want it to be used by default, by Laravel. To do so, we'll create SHAHashServiceProvider, extending Illuminate\Support\ServiceProvider, and register it as the hash component:
app/libraries/SHAHashServiceProvider.php
class SHAHashServiceProvider extends Illuminate\Support\ServiceProvider {
/**
* Register the service provider.
*
* @return void
*/
public function register() {
$this->app['hash'] = $this->app->share(function () {
return new SHAHasher();
});
}
/**
* Get the services provided by the provider.
*
* @return array
*/
public function provides() {
return array('hash');
}
}
很酷,现在我们要做的就是确保我们的应用加载了正确的服务提供商.在app/config/app.php的providers下,删除以下行:
Cool, now all we have to do is make sure our app loads the correct service provider. On app/config/app.php, under providers, remove the following line:
'Illuminate\Hashing\HashServiceProvider',
然后,添加一个:
'SHAHashServiceProvider',
这篇关于如何在Laravel 4中使用SHA1加密代替BCrypt?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
