Safe way to hash password.

2015-04-09 15:57:37 +02:00 · 2015-04-09 15:57:37 +02:00 · cddbf3cb43
parent f888a643e0
commit cddbf3cb43
2 changed files with 37 additions and 1 deletions
--- a/app/classes/Framadate/Security/PasswordHasher.php
+++ b/app/classes/Framadate/Security/PasswordHasher.php
@ -0,0 +1,35 @@
+<?php
+
+
+namespace Framadate\Security;
+
+/**
+ * Class PasswordHasher
+ *
+ * Used to abstract the password hash logic
+ *
+ * @package Framadate\Security
+ */
+class PasswordHasher {
+
+    /**
+     * Hash a password
+     *
+     * @param $password the password to hash.
+     * @return false|string the hashed password, or false on failure. The used algorithm, cost and salt are returned as part of the hash.
+     */
+    public static function hash($password) {
+        return password_hash($password, PASSWORD_DEFAULT);
+    }
+
+    /**
+     * Verify a password with a hash
+     *
+     * @param $password the password to verify
+     * @param $hash the hash to compare.
+     * @return bool
+     */
+    public static function verify($password, $hash) {
+        return password_verify($password, $hash);
+    }
+} 
--- a/composer.json
+++ b/composer.json
@ -12,7 +12,8 @@
    "require": {
        "smarty/smarty": "3.1.21",
        "o80/i18n": "dev-develop",
-        "phpmailer/phpmailer": "~5.2"
+        "phpmailer/phpmailer": "~5.2",
+	"ircmaxell/password-compat": "dev-master"
    },

    "require-dev": {