将数据库中的普通密码转换为Laravel加密密码 [英] Converting plain password in database to Laravel encrypted password

问题描述

我有一个名为用户"的表，其中有用户的用户名和密码.

I have a table called "users" where I have username and password from my users.

密码为纯文本.现在，我使用Laravel 6.0和Auth创建了一个新站点.

The passwords are in plain text. Now I've created a new site with Laravel 6.0 and Auth.

因此，如果用户要登录到我的网站，则需要将密码纯文本转换为加密的新密码.

So if a user wants to loggin into my site I need to convert my password plain text to the new password encrypted.

如何从Auth中获取盐"，以及一种从我的普通密码和盐"中获取加密密码的工具.原因是因为我在用户表中创建了一个新列，所以我想在其中放置使用查询加密的密码.

How can I get the "salt" from my Auth and also a tools to get the encrypted password from my plain password and "salt". The reason is because I created a new column in my users table so I want to put there the password encrypted using a query.

运行change_command

running change_command

推荐答案

Laravel Hash 外观提供安全的Bcrypt和Argon2哈希存储用户密码.

The Laravel Hash facade provides secure Bcrypt and Argon2 hashing for storing user passwords.

$password = Hash::make('plain-text-password');

bcrypt 函数使用Bcrypt哈希给定值.您可以将其用作 Hash 外观的替代方法:

The bcrypt function hashes the given value using Bcrypt. You may use it as an alternative to the Hash facade:

$password = bcrypt('plain-text-password');

---

如何从Auth中获取盐"以及从我的普通密码和盐"中获取加密密码的工具.

How can I get the "salt" from my Auth and also a tools to get the encrypted password from my plain password and "salt".

验证哈希密码

check 方法允许您验证给定的纯文本字符串是否与给定的哈希相对应.

Verifying A Password Against A Hash

The check method allows you to verify that a given plain-text string corresponds to a given hash.

if (Hash::check('plain-text-password', $hashedPassword)) {
    // The passwords match...
}

---

更新

您可以使用Command或更改现有客户的纯文本"密码.

---

Update

You can use Command or make a route to change "plain-text" password for existing customers.

创建命令 app/Console/Commands/ChangePassword.php

<?php

namespace App\Console\Commands;

use App\User;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Hash;

class ChangePassword extends Command
{
    /**
     * The name and signature of the console command.
     *
     * @var string
     */
    protected $signature = 'change-password';

    /**
     * The console command description.
     *
     * @var string
     */
    protected $description = 'Plain-text password changer';

    /**
     * Create a new command instance.
     *
     * @return void
     */
    public function __construct()
    {
        parent::__construct();
    }

    /**
     * Execute the console command.
     *
     * @return mixed
     */
    public function handle()
    {
        $users = User::get();

        foreach ($users as $user) {
            if (Hash::needsRehash($user->password)) {
                $user->password = Hash::make($user->password);
                $user->save();
            }
        }

        $this->info('Done..');
    }
}

用法 :

php artisan change-password

运行命令后，您可以尝试通过 Auth :: routes()路由登录.

After run command, you can try login via Auth::routes() routes.

if (Auth::attempt($credentials)) {
    // Authentication passed...
} 

这篇关于将数据库中的普通密码转换为Laravel加密密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！