PasswordEncryptor
abstract class PasswordEncryptor (View source)
Allows pluggable password encryption.
By default, this might be PHP's integrated sha1() function, but could also be more sophisticated to facilitate password migrations from other systems. Use {@link register()} to add new implementations.
Used in {@link Security::encrypt_password()}.
Properties
| static private array | $encryptors |
Methods
No description
No description
This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and {@link PasswordEncryptor_Blowfish}
Details
static array
get_encryptors()
static PasswordEncryptor
create_for_algorithm(string $algorithm)
abstract string
encrypt(string $password, string $salt = null, Member $member = null)
Return a string value stored in the {@link Member->Password} property.
The password should be hashed with {@link salt()} if applicable.
string
salt(string $password, Member $member = null)
Return a string value stored in the {@link Member->Salt} property.
bool
check(string $hash, string $password, string $salt = null, Member $member = null)
This usually just returns a strict string comparison, but is necessary for retain compatibility with password hashed with flawed algorithms - see {@link PasswordEncryptor_LegacyPHPHash} and {@link PasswordEncryptor_Blowfish}