将数据库中的普通密码转换为Laravel加密密码 [英] Converting plain password in database to Laravel encrypted password
问题描述
我有一个名为用户"的表,其中有用户的用户名和密码.
I have a table called "users" where I have username and password from my users.
密码为纯文本.现在,我使用Laravel 6.0和Auth创建了一个新站点.
The passwords are in plain text. Now I've created a new site with Laravel 6.0 and Auth.
因此,如果用户要登录到我的网站,则需要将密码纯文本转换为加密的新密码.
So if a user wants to loggin into my site I need to convert my password plain text to the new password encrypted.
如何从Auth中获取盐",以及一种从我的普通密码和盐"中获取加密密码的工具.原因是因为我在用户表中创建了一个新列,所以我想在其中放置使用查询加密的密码.
How can I get the "salt" from my Auth and also a tools to get the encrypted password from my plain password and "salt". The reason is because I created a new column in my users table so I want to put there the password encrypted using a query.
运行change_command
running change_command
推荐答案
Laravel Hash
外观提供安全的Bcrypt和Argon2哈希存储用户密码.
The Laravel Hash
facade provides secure Bcrypt and Argon2 hashing for storing user passwords.
$password = Hash::make('plain-text-password');
bcrypt
函数使用Bcrypt哈希给定值.您可以将其用作 Hash
外观的替代方法:
The bcrypt
function hashes the given value using Bcrypt. You may use it as an alternative to the Hash
facade:
$password = bcrypt('plain-text-password');
如何从Auth中获取盐"以及从我的普通密码和盐"中获取加密密码的工具.
How can I get the "salt" from my Auth and also a tools to get the encrypted password from my plain password and "salt".
验证哈希密码
check
方法允许您验证给定的纯文本字符串是否与给定的哈希相对应.
Verifying A Password Against A Hash
The check
method allows you to verify that a given plain-text string corresponds to a given hash.
if (Hash::check('plain-text-password', $hashedPassword)) {
// The passwords match...
}
更新
您可以使用Command或更改现有客户的纯文本"密码.
Update
You can use Command or make a route to change "plain-text" password for existing customers.
创建命令 app/Console/Commands/ChangePassword.php
<?php
namespace App\Console\Commands;
use App\User;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\Hash;
class ChangePassword extends Command
{
/**
* The name and signature of the console command.
*
* @var string
*/
protected $signature = 'change-password';
/**
* The console command description.
*
* @var string
*/
protected $description = 'Plain-text password changer';
/**
* Create a new command instance.
*
* @return void
*/
public function __construct()
{
parent::__construct();
}
/**
* Execute the console command.
*
* @return mixed
*/
public function handle()
{
$users = User::get();
foreach ($users as $user) {
if (Hash::needsRehash($user->password)) {
$user->password = Hash::make($user->password);
$user->save();
}
}
$this->info('Done..');
}
}
用法 :
php artisan change-password
运行命令后,您可以尝试通过 Auth :: routes()
路由登录.
After run command, you can try login via Auth::routes()
routes.
if (Auth::attempt($credentials)) {
// Authentication passed...
}
这篇关于将数据库中的普通密码转换为Laravel加密密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!