Namespaces

  • Latte
    • Loaders
    • Macros
    • Runtime
  • Nette
    • Application
      • Responses
      • Routers
      • UI
    • Bridges
      • ApplicationDI
      • ApplicationLatte
      • ApplicationTracy
      • CacheDI
      • CacheLatte
      • DatabaseDI
      • DatabaseTracy
      • DITracy
      • FormsDI
      • FormsLatte
      • Framework
      • HttpDI
      • HttpTracy
      • MailDI
      • ReflectionDI
      • SecurityDI
      • SecurityTracy
    • Caching
      • Storages
    • ComponentModel
    • Database
      • Conventions
      • Drivers
      • Reflection
      • Table
    • DI
      • Config
        • Adapters
      • Extensions
    • Diagnostics
    • Forms
      • Controls
      • Rendering
    • Http
    • Iterators
    • Latte
    • Loaders
    • Localization
    • Mail
    • Neon
    • PhpGenerator
    • Reflection
    • Security
    • Templating
    • Utils
  • NetteModule
  • none
  • Tracy
    • Bridges
      • Nette

Classes

  • Identity
  • Passwords
  • Permission
  • SimpleAuthenticator
  • User

Interfaces

  • IAuthenticator
  • IAuthorizator
  • IIdentity
  • IResource
  • IRole
  • IUserStorage

Exceptions

  • AuthenticationException
  • Overview
  • Namespace
  • Class
  • Tree
  • Deprecated
 1: <?php
 2: 
 3: /**
 4:  * This file is part of the Nette Framework (http://nette.org)
 5:  * Copyright (c) 2004 David Grudl (http://davidgrudl.com)
 6:  */
 7: 
 8: namespace Nette\Security;
 9: 
10: use Nette;
11: 
12: 
13: /**
14:  * Passwords tools. Requires PHP >= 5.3.7.
15:  *
16:  * @author     David Grudl
17:  */
18: class Passwords
19: {
20:     const BCRYPT_COST = 10;
21: 
22: 
23:     /**
24:      * Computes salted password hash.
25:      * @param  string
26:      * @param  array with cost (4-31), salt (22 chars)
27:      * @return string  60 chars long
28:      */
29:     public static function hash($password, array $options = NULL)
30:     {
31:         $cost = isset($options['cost']) ? (int) $options['cost'] : self::BCRYPT_COST;
32:         $salt = isset($options['salt']) ? (string) $options['salt'] : Nette\Utils\Random::generate(22, '0-9A-Za-z./');
33: 
34:         if (PHP_VERSION_ID < 50307) {
35:             throw new Nette\NotSupportedException(__METHOD__ . ' requires PHP >= 5.3.7.');
36:         } elseif (($len = strlen($salt)) < 22) {
37:             throw new Nette\InvalidArgumentException("Salt must be 22 characters long, $len given.");
38:         } elseif ($cost < 4 || $cost > 31) {
39:             throw new Nette\InvalidArgumentException("Cost must be in range 4-31, $cost given.");
40:         }
41: 
42:         $hash = crypt($password, '$2y$' . ($cost < 10 ? 0 : '') . $cost . '$' . $salt);
43:         if (strlen($hash) < 60) {
44:             throw new Nette\InvalidStateException('Hash returned by crypt is invalid.');
45:         }
46:         return $hash;
47:     }
48: 
49: 
50:     /**
51:      * Verifies that a password matches a hash.
52:      * @return bool
53:      */
54:     public static function verify($password, $hash)
55:     {
56:         return preg_match('#^\$2y\$(?P<cost>\d\d)\$(?P<salt>.{22})#', $hash, $m)
57:             && $m['cost'] >= 4 && $m['cost'] <= 31
58:             && self::hash($password, $m) === $hash;
59:     }
60: 
61: 
62:     /**
63:      * Checks if the given hash matches the options.
64:      * @param  string
65:      * @param  array with cost (4-31)
66:      * @return bool
67:      */
68:     public static function needsRehash($hash, array $options = NULL)
69:     {
70:         $cost = isset($options['cost']) ? (int) $options['cost'] : self::BCRYPT_COST;
71:         return !preg_match('#^\$2y\$(?P<cost>\d\d)\$(?P<salt>.{22})#', $hash, $m)
72:             || $m['cost'] < $cost;
73:     }
74: 
75: }
76: 
Nette 2.3.1 API API documentation generated by ApiGen 2.8.0