如何在 Laravel 4 中使用 SHA1 加密而不是 BCrypt? [英] How to use SHA1 encryption instead of BCrypt in Laravel 4?

问题描述

我正在为游戏开发一个所谓的 AAC(自动帐户创建器)，它基本上是一个具有为玩家创建帐户、玩家和其他一些功能的网站.服务器只支持 SHA1 和普通的 - 这是完全不安全的.我无法深入研究源代码并进行更改.如果无论如何要使用SHA1，我将不胜感激.我刚刚阅读了 BCrypt，它很棒，但我无法真正更改源代码以适合 BCrypt.我设法像这样注册 SHA1:

I'm developing a so called AAC (Automatic Account Creator) for a game, it's basically a site with functions to create accounts, players and several more things for players. The server only supports SHA1 and plain - which is totally unsafe. I can't dive into the source code and make changes. If there's anyway to use SHA1 I would be grateful. I just read about BCrypt, it's great but I can't really change the source code to suit BCrypt. I managed to put SHA1 on registration like this:

$password = $input['password'];
$password = sha1($password);

但是我根本无法登录.我做错了吗?好像 Laravel 不让我登录.

But I simply can't login. am I doing it wrong? seems like Laravel won't let me login.

我有 get_register 和 post_register，还有 get_login 和 post_login.我是否需要更改 post_login 中的某些内容以使其登录?有什么提示吗?

I've got get_register and post_register, also I've got get_login and post_login. Do i need to change something in the post_login to make it login or? any hints?

我在 WAMP 上使用 Laravel 的 php 服务器(php artisan serve)和 phpMyAdmin.我认为 Laravel 在您通过 Auth::attempt 方法检查数据库时会检查 Laravel 正在执行某种形式的散列以检查当前密码和登录密码以相互检查.

I'm using Laravel's php server (php artisan serve) and phpMyAdmin on WAMP. I think Laravel checks when you are checking the DB via the Auth::attempt method laravel is doing some form of hashing to check the current pw and the logged in one to check against each other.

推荐答案

您必须重写 Hash 模块.由于 Laravel 遵循 IoC 和依赖注入概念的想法，这会相对容易.

You'll have to rewrite the Hash module. Thanks to Laravel's ideas of following IoC and Dependency Injection concepts, it'll be relatively easy.

首先，创建一个app/libraries 文件夹并将其添加到composer 的autoload.classmap:

First, create a app/libraries folder and add it to composer's autoload.classmap:

"autoload": {
    "classmap": [
        // ...

        "app/libraries"
    ]
},

现在，是时候创建我们的类了.创建一个 SHAHasher 类，实现 IlluminateHashingHasherInterface.我们需要实现它的 3 个方法:make、check 和 needsRehash.

Now, it's time we create our class. Create a SHAHasher class, implementing IlluminateHashingHasherInterface. We'll need to implement its 3 methods: make, check and needsRehash.

注意:在 Laravel 5 上，实现 Illuminate/Contracts/Hashing/Hasher 而不是 IlluminateHashingHasherInterface.

Note: On Laravel 5, implement Illuminate/Contracts/Hashing/Hasher instead of IlluminateHashingHasherInterface.

app/libraries/SHAHasher.php

class SHAHasher implements IlluminateHashingHasherInterface {

    /**
     * Hash the given value.
     *
     * @param  string  $value
     * @return array   $options
     * @return string
     */
    public function make($value, array $options = array()) {
        return hash('sha1', $value);
    }

    /**
     * Check the given plain value against a hash.
     *
     * @param  string  $value
     * @param  string  $hashedValue
     * @param  array   $options
     * @return bool
     */
    public function check($value, $hashedValue, array $options = array()) {
        return $this->make($value) === $hashedValue;
    }

    /**
     * Check if the given hash has been hashed using the given options.
     *
     * @param  string  $hashedValue
     * @param  array   $options
     * @return bool
     */
    public function needsRehash($hashedValue, array $options = array()) {
        return false;
    }

}

现在我们已经完成了我们的类，我们希望它被 Laravel 默认使用.为此，我们将创建 SHAHashServiceProvider，扩展 IlluminateSupportServiceProvider，并将其注册为 hash 组件:

Now that we have our class done, we want it to be used by default, by Laravel. To do so, we'll create SHAHashServiceProvider, extending IlluminateSupportServiceProvider, and register it as the hash component:

app/libraries/SHAHashServiceProvider.php

class SHAHashServiceProvider extends IlluminateSupportServiceProvider {

    /**
     * Register the service provider.
     *
     * @return void
     */
    public function register() {
        $this->app['hash'] = $this->app->share(function () {
            return new SHAHasher();
        });

    }

    /**
     * Get the services provided by the provider.
     *
     * @return array
     */
    public function provides() {
        return array('hash');
    }

}

很酷，现在我们要做的就是确保我们的应用加载了正确的服务提供者.在 app/config/app.php 上的 providers 下，删除以下行:

Cool, now all we have to do is make sure our app loads the correct service provider. On app/config/app.php, under providers, remove the following line:

'IlluminateHashingHashServiceProvider',

然后，添加这个:

'SHAHashServiceProvider',

这篇关于如何在 Laravel 4 中使用 SHA1 加密而不是 BCrypt?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！