在Laravel中,您可以使用Hash外观模块来处理密码。它具有bcrypt函数,可以帮助您安全地存储密码。

wufei123 发布于 2023-08-21 阅读(1305)

在Laravel中如何比较两个加密(bcrypt)密码?


Hash门面bcrypt()方法是一种强大的密码哈希方式。它可以防止恶意用户破解使用bcrypt()生成的密码。

The hashing details are available inside config/hashing.php. The default driver has bcrypt() as the hashing to be used.

Hashing Passwords

要使用Hash Facade,您需要包含以下类:

1

Illuminate\Support\Facades\Hash

Example

要对密码进行哈希处理,您可以使用make()方法。以下是一个哈希密码的示例

1

2

3

4

5

6

7

8

9

10

11

12

13

14

class="token php language-php">class="token delimiter important">

class="token keyword">namespace class="token package">Appclass="token punctuation">\Httpclass="token punctuation">\Controllersclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Httpclass="token punctuation">\Requestclass="token punctuation">;

class="token keyword">use class="token package">Appclass="token punctuation">\Modelsclass="token punctuation">\Studentclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Supportclass="token punctuation">\Facadesclass="token punctuation">\Hashclass="token punctuation">;

 

class="token keyword">class class="token class-name-definition class-name">StudentController class="token keyword">extends class="token class-name">Controller class="token punctuation">{

   class="token keyword">public class="token keyword">function class="token function-definition function">indexclass="token punctuation">(class="token punctuation">) class="token punctuation">{

      class="token keyword">echo class="token variable">$hashed class="token operator">= class="token class-name static-context">Hashclass="token operator">::class="token function">makeclass="token punctuation">(class="token string single-quoted-string">'password'class="token punctuation">, class="token punctuation">[

         class="token string single-quoted-string">'rounds' class="token operator">=> class="token number">15class="token punctuation">,

      class="token punctuation">]class="token punctuation">)class="token punctuation">;

   class="token punctuation">}

class="token punctuation">}

Output

The output of the above code is

1

$2y$15$QKYQhdKcDSsMmIXZmwyF/.sihzQDhxtgF5WNiy4fdocNm6LiVihZi

Verifying if the password matches with a hashed password

要验证明文文本即Hash::make中使用的文本是否与哈希值匹配,可以使用check()方法。

如果纯文本与哈希密码匹配,check()方法返回true,否则返回false。

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

class="token php language-php">class="token delimiter important">

class="token keyword">namespace class="token package">Appclass="token punctuation">\Httpclass="token punctuation">\Controllersclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Httpclass="token punctuation">\Requestclass="token punctuation">;

class="token keyword">use class="token package">Appclass="token punctuation">\Modelsclass="token punctuation">\Studentclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Supportclass="token punctuation">\Facadesclass="token punctuation">\Hashclass="token punctuation">;

 

class="token keyword">class class="token class-name-definition class-name">StudentController class="token keyword">extends class="token class-name">Controller class="token punctuation">{

   class="token keyword">public class="token keyword">function class="token function-definition function">indexclass="token punctuation">(class="token punctuation">) class="token punctuation">{

      class="token variable">$hashed class="token operator">= class="token class-name static-context">Hashclass="token operator">::class="token function">makeclass="token punctuation">(class="token string single-quoted-string">'password'class="token punctuation">, class="token punctuation">[

         class="token string single-quoted-string">'rounds' class="token operator">=> class="token number">15class="token punctuation">,

      class="token punctuation">]class="token punctuation">)class="token punctuation">;

      class="token keyword">if class="token punctuation">(class="token class-name static-context">Hashclass="token operator">::class="token function">checkclass="token punctuation">(class="token string single-quoted-string">'password'class="token punctuation">, class="token variable">$hashedclass="token punctuation">)class="token punctuation">) class="token punctuation">{

         class="token keyword">echo class="token string double-quoted-string">"Password matching"class="token punctuation">;

      class="token punctuation">} class="token keyword">else class="token punctuation">{

         class="token keyword">echo class="token string double-quoted-string">"Password is not matching"class="token punctuation">;

      class="token punctuation">}

   class="token punctuation">}

class="token punctuation">}

Output

The output of the above code is

1

Password matching

使用check()方法

让我们现在通过提供错误的纯文本来测试,并查看 check() 方法的响应。

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

class="token php language-php">class="token delimiter important">

class="token keyword">namespace class="token package">Appclass="token punctuation">\Httpclass="token punctuation">\Controllersclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Httpclass="token punctuation">\Requestclass="token punctuation">;

class="token keyword">use class="token package">Appclass="token punctuation">\Modelsclass="token punctuation">\Studentclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Supportclass="token punctuation">\Facadesclass="token punctuation">\Hashclass="token punctuation">;

 

class="token keyword">class class="token class-name-definition class-name">StudentController class="token keyword">extends class="token class-name">Controller class="token punctuation">{

   class="token keyword">public class="token keyword">function class="token function-definition function">indexclass="token punctuation">(class="token punctuation">) class="token punctuation">{

      class="token variable">$hashed class="token operator">= class="token class-name static-context">Hashclass="token operator">::class="token function">makeclass="token punctuation">(class="token string single-quoted-string">'password'class="token punctuation">, class="token punctuation">[

         class="token string single-quoted-string">'rounds' class="token operator">=> class="token number">15class="token punctuation">,

      class="token punctuation">]class="token punctuation">)class="token punctuation">;

      class="token keyword">if class="token punctuation">(class="token class-name static-context">Hashclass="token operator">::class="token function">checkclass="token punctuation">(class="token string single-quoted-string">'password123'class="token punctuation">, class="token variable">$hashedclass="token punctuation">)class="token punctuation">) class="token punctuation">{

         class="token keyword">echo class="token string double-quoted-string">"Password matching"class="token punctuation">;

      class="token punctuation">} class="token keyword">else class="token punctuation">{

         class="token keyword">echo class="token string double-quoted-string">"Password is not matching"class="token punctuation">;

      class="token punctuation">}

   class="token punctuation">}

class="token punctuation">}

我们在哈希中使用的纯文本是“password”。在check方法中,我们使用了“password123”,因为文本与哈希文本不匹配,所以输出为“密码不匹配”。

Output

当您在浏览器中执行时,输出将是 -

1

Password is not matching

对密码进行两次哈希

Let us now hash the same text twice and compare it in the check() method −

1

2

3

4

5

6

7

8

class="token variable">$testhash1 class="token operator">= class="token class-name static-context">Hashclass="token operator">::class="token function">makeclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">)class="token punctuation">;

class="token variable">$testhash2 class="token operator">= class="token class-name static-context">Hashclass="token operator">::class="token function">makeclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">)class="token punctuation">;

    

class="token keyword">if class="token punctuation">(class="token class-name static-context">Hashclass="token operator">::class="token function">checkclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">, class="token variable">$testhash1class="token punctuation">) class="token operator">&& class="token class-name static-context">Hashclass="token operator">::class="token function">checkclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">, class="token variable">$testhash2class="token punctuation">)class="token punctuation">) class="token punctuation">{

   class="token keyword">echo class="token string double-quoted-string">"Password matching"class="token punctuation">;

class="token punctuation">} class="token keyword">else class="token punctuation">{

   class="token keyword">echo class="token string double-quoted-string">"Password not matching"class="token punctuation">;

class="token punctuation">}

You can test the complete code in the browser as shown below −

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

class="token php language-php">class="token delimiter important">

class="token keyword">namespace class="token package">Appclass="token punctuation">\Httpclass="token punctuation">\Controllersclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Httpclass="token punctuation">\Requestclass="token punctuation">;

class="token keyword">use class="token package">Appclass="token punctuation">\Modelsclass="token punctuation">\Studentclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Supportclass="token punctuation">\Facadesclass="token punctuation">\Hashclass="token punctuation">;

 

class="token keyword">class class="token class-name-definition class-name">StudentController class="token keyword">extends class="token class-name">Controller class="token punctuation">{

   class="token keyword">public class="token keyword">function class="token function-definition function">indexclass="token punctuation">(class="token punctuation">) class="token punctuation">{

      class="token variable">$testhash1 class="token operator">= class="token class-name static-context">Hashclass="token operator">::class="token function">makeclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">)class="token punctuation">;

      class="token variable">$testhash2 class="token operator">= class="token class-name static-context">Hashclass="token operator">::class="token function">makeclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">)class="token punctuation">;

      class="token keyword">if class="token punctuation">(class="token class-name static-context">Hashclass="token operator">::class="token function">checkclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">, class="token variable">$testhash1class="token punctuation">) class="token operator">&& class="token class-name static-context">Hashclass="token operator">::class="token function">checkclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">, class="token variable">$testhash2class="token punctuation">)class="token punctuation">) class="token punctuation">{

         class="token keyword">echo class="token string double-quoted-string">"Password matching"class="token punctuation">;

      class="token punctuation">} class="token keyword">else class="token punctuation">{

         class="token keyword">echo class="token string double-quoted-string">"Password not matching"class="token punctuation">;

      class="token punctuation">}

   class="token punctuation">}

class="token punctuation">}

Output

上述代码的输出为 −

1

Password matching

使用bcrypt()方法

You can also try using the bcrypt() method and test the plain text with hashed one using Hash::check().

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

class="token php language-php">class="token delimiter important">

class="token keyword">namespace class="token package">Appclass="token punctuation">\Httpclass="token punctuation">\Controllersclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Httpclass="token punctuation">\Requestclass="token punctuation">;

class="token keyword">use class="token package">Appclass="token punctuation">\Modelsclass="token punctuation">\Studentclass="token punctuation">;

class="token keyword">use class="token package">Illuminateclass="token punctuation">\Supportclass="token punctuation">\Facadesclass="token punctuation">\Hashclass="token punctuation">;

 

class="token keyword">class class="token class-name-definition class-name">StudentController class="token keyword">extends class="token class-name">Controller class="token punctuation">{

   class="token keyword">public class="token keyword">function class="token function-definition function">indexclass="token punctuation">(class="token punctuation">) class="token punctuation">{

      class="token variable">$hashedtext class="token operator">= class="token function">bcryptclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">)class="token punctuation">;

      class="token keyword">if class="token punctuation">(class="token class-name static-context">Hashclass="token operator">::class="token function">checkclass="token punctuation">(class="token string single-quoted-string">'mypassword'class="token punctuation">, class="token variable">$hashedtextclass="token punctuation">)class="token punctuation">) class="token punctuation">{

         class="token keyword">echo class="token string single-quoted-string">'Password matches'class="token punctuation">;

      class="token punctuation">} class="token keyword">elseclass="token punctuation">{

         class="token keyword">echo class="token string single-quoted-string">'Password not matching'class="token punctuation">;

      class="token punctuation">}

   class="token punctuation">}

class="token punctuation">}

Output

上述代码的输出为 -

1

Password matches


以上就是在Laravel中如何比较两个加密(bcrypt)密码?的详细内容,更多请关注php中文网其它相关文章!


相关阅读

发表评论:

◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。

最近发表

随机文章

标签列表