abstract class PasswordEncryptor

Allows pluggable password encryption.

By default, this might be PHP's integrated sha1() function, but could also be more sophisticated to facilitate password migrations from other systems. Use register() to add new implementations.

Used in Security::encrypt_password().

Properties

Methods

public static array get_encryptors()

No description

public static create_for_algorithm(string $algorithm)

No description

public string encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

public string salt(string $password, Member $member = null)

Return a string value stored in the Member->Salt property.

public check($hash, $password, $salt = null, $member = null)

This usually just returns a strict string comparison, but is necessary to retain compatibility with passwords hashed with flawed algorithms. See PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish.

Details

static array get_encryptors()

No description

Return Value

array

Map of encryptor code to the used class.

static PasswordEncryptor create_for_algorithm(string $algorithm)

No description

Parameters

string $algorithm

Return Value

PasswordEncryptor

Exceptions

PasswordEncryptor_NotFoundException

abstract string encrypt(string $password, string $salt = null, Member $member = null)

Return a string value stored in the Member->Password property.

The password should be hashed with salt() if applicable.

Parameters

string $password

Cleartext password to be hashed

string $salt (Optional)
Member $member (Optional)

Return Value

string

Maximum of 512 characters.

string salt(string $password, Member $member = null)

Return a string value stored in the Member->Salt property.

Parameters

string $password

Cleartext password

Member $member (Optional)

Return Value

string

Maximum of 50 characters

check($hash, $password, $salt = null, $member = null)

This usually just returns a strict string comparison, but is necessary to retain compatibility with passwords hashed with flawed algorithms. See PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish.

Parameters

$hash
$password
$salt
$member
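
The encrypt(), salt() and check() contract described above, shown as an added example that is not the framework's own code. The abstract class is a reduced stand-in so the script runs on its own, and PasswordEncryptor_ExamplePBKDF2, the iteration count and the sample passwords are hypothetical.

```php
<?php
// Stand-in for the abstract class documented on this page, reduced to its
// three instance methods so the example runs without the framework.
// The Member type hint is omitted because no Member class exists here.
abstract class PasswordEncryptor
{
    abstract public function encrypt($password, $salt = null, $member = null);

    public function salt($password, $member = null)
    {
        // Assumption: a random hex string; 40 characters fits the 50 limit.
        return bin2hex(random_bytes(20));
    }

    public function check($hash, $password, $salt = null, $member = null)
    {
        // Re-hash the candidate and compare. hash_equals() is substituted for
        // === here so timing does not reveal how much of the hash matched.
        return hash_equals((string) $hash, $this->encrypt($password, $salt, $member));
    }
}

// Hypothetical encryptor for accounts migrated from a system that stored
// hex-encoded PBKDF2-HMAC-SHA256 hashes.
class PasswordEncryptor_ExamplePBKDF2 extends PasswordEncryptor
{
    const ITERATIONS = 100000; // constructed value; must match the old system

    public function encrypt($password, $salt = null, $member = null)
    {
        // 64 hex characters, well under the 512-character limit.
        return hash_pbkdf2('sha256', $password, (string) $salt, self::ITERATIONS, 64);
    }
}

$encryptor = new PasswordEncryptor_ExamplePBKDF2();
$salt = $encryptor->salt('correct horse battery staple');
$hash = $encryptor->encrypt('correct horse battery staple', $salt);

// Values that would be written to Member->Salt and Member->Password.
printf("salt length: %d, hash length: %d\n", strlen($salt), strlen($hash));
printf("right password accepted: %s\n",
    var_export($encryptor->check($hash, 'correct horse battery staple', $salt), true));
printf("wrong password accepted: %s\n",
    var_export($encryptor->check($hash, 'Tr0ub4dor&3', $salt), true));
```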