Heim  >  Artikel  >  Backend-Entwicklung  >  Wie vergleiche ich zwei verschlüsselte (bcrypt) Passwörter in Laravel?

Wie vergleiche ich zwei verschlüsselte (bcrypt) Passwörter in Laravel?

王林
王林nach vorne
2023-08-21 08:33:121272Durchsuche

Wie vergleiche ich zwei verschlüsselte (bcrypt) Passwörter in Laravel?

在Laravel中,您可以使用Hash外观模块来处理密码。它具有bcrypt函数,可以帮助您安全地存储密码。

Hash门面bcrypt()方法是一种强大的密码哈希方式。它可以防止恶意用户破解使用bcrypt()生成的密码。

The hashing details are available inside config/hashing.php. The default driver has bcrypt() as the hashing to be used.

Hashing Passwords

要使用Hash Facade,您需要包含以下类:

Illuminate\Support\Facades\Hash

Example

要对密码进行哈希处理,您可以使用make()方法。以下是一个哈希密码的示例

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      echo $hashed = Hash::make('password', [
         'rounds' => 15,
      ]);
   }
}

Output

The output of the above code is

$2y$15$QKYQhdKcDSsMmIXZmwyF/.sihzQDhxtgF5WNiy4fdocNm6LiVihZi

Verifying if the password matches with a hashed password

要验证明文文本即Hash::make中使用的文本是否与哈希值匹配,可以使用check()方法。

如果纯文本与哈希密码匹配,check()方法返回true,否则返回false。

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      $hashed = Hash::make('password', [
         'rounds' => 15,
      ]);
      if (Hash::check('password', $hashed)) {
         echo "Password matching";
      } else {
         echo "Password is not matching";
      }
   }
}

Output

The output of the above code is

Password matching

使用check()方法

让我们现在通过提供错误的纯文本来测试,并查看 check() 方法的响应。

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      $hashed = Hash::make('password', [
         'rounds' => 15,
      ]);
      if (Hash::check('password123', $hashed)) {
         echo "Password matching";
      } else {
         echo "Password is not matching";
      }
   }
}

我们在哈希中使用的纯文本是“password”。在check方法中,我们使用了“password123”,因为文本与哈希文本不匹配,所以输出为“密码不匹配”。

Output

当您在浏览器中执行时,输出将是 -

Password is not matching

对密码进行两次哈希

Let us now hash the same text twice and compare it in the check() method −

$testhash1 = Hash::make('mypassword');
$testhash2 = Hash::make('mypassword');
   
if (Hash::check('mypassword', $testhash1) && Hash::check('mypassword', $testhash2)) {
   echo "Password matching";
} else {
   echo "Password not matching";
}

You can test the complete code in the browser as shown below −

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      $testhash1 = Hash::make('mypassword');
      $testhash2 = Hash::make('mypassword');
      if (Hash::check('mypassword', $testhash1) && Hash::check('mypassword', $testhash2)) {
         echo "Password matching";
      } else {
         echo "Password not matching";
      }
   }
}

Output

上述代码的输出为 −

Password matching

使用bcrypt()方法

You can also try using the bcrypt() method and test the plain text with hashed one using Hash::check().

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      $hashedtext = bcrypt('mypassword');
      if (Hash::check('mypassword', $hashedtext)) {
         echo 'Password matches';
      } else{
         echo 'Password not matching';
      }
   }
}

Output

上述代码的输出为 -

Password matches

Das obige ist der detaillierte Inhalt vonWie vergleiche ich zwei verschlüsselte (bcrypt) Passwörter in Laravel?. Für weitere Informationen folgen Sie bitte anderen verwandten Artikeln auf der PHP chinesischen Website!

Stellungnahme:
Dieser Artikel ist reproduziert unter:tutorialspoint.com. Bei Verstößen wenden Sie sich bitte an admin@php.cn löschen