PasswordEncryptor
abstract class PasswordEncryptor (View source)
Allows pluggable password encryption.
By default, this might be PHP's integrated sha1() function, but could also be more sophisticated to facilitate password migrations from other systems. Use register() to add new implementations.
Used in Security::encrypt_password().
Properties
Methods
public
string
public
string
public
bool
Details
static array
get_encryptors()
No description
static PasswordEncryptor
create_for_algorithm(string $algorithm)
No description
abstract string
encrypt(string $password, string $salt = null, Member $member = null)
Return a string value stored in the Member->Password property.
The password should be hashed with salt() if applicable.
string
salt(string $password, Member $member = null)
Return a string value stored in the Member->Salt property.
bool
check(string $hash, string $password, string $salt = null, Member $member = null)
This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see PasswordEncryptor_LegacyPHPHash and PasswordEncryptor_Blowfish