1: <?php
2:
3: /**
4: * This file is part of the Nette Framework (https://nette.org)
5: * Copyright (c) 2004 David Grudl (https://davidgrudl.com)
6: */
7:
8: namespace Nette\Security;
9:
10: use Nette;
11:
12:
13: /**
14: * Passwords tools.
15: */
16: class Passwords
17: {
18: use Nette\SmartObject;
19:
20: /** @deprecated */
21: const BCRYPT_COST = 10;
22:
23:
24: /**
25: * Computes salted password hash.
26: * @param string
27: * @param array with cost (4-31)
28: * @return string 60 chars long
29: */
30: public static function hash($password, array $options = [])
31: {
32: $hash = @password_hash($password, PASSWORD_BCRYPT, $options); // @ is escalated to exception
33: if (!$hash) {
34: throw new Nette\InvalidStateException('Computed hash is invalid. ' . error_get_last()['message']);
35: }
36: return $hash;
37: }
38:
39:
40: /**
41: * Verifies that a password matches a hash.
42: * @return bool
43: */
44: public static function verify($password, $hash)
45: {
46: return password_verify($password, $hash);
47: }
48:
49:
50: /**
51: * Checks if the given hash matches the options.
52: * @param string
53: * @param array with cost (4-31)
54: * @return bool
55: */
56: public static function needsRehash($hash, array $options = [])
57: {
58: return password_needs_rehash($hash, PASSWORD_BCRYPT, $options);
59: }
60: }
61: