在Laravel中如何比较两个加密（bcrypt）密码？

王林转载: 2023-08-21 08:34:01 467浏览

在Laravel中，您可以使用Hash外观模块来处理密码。它具有bcrypt函数，可以帮助您安全地存储密码。

Hash门面bcrypt()方法是一种强大的密码哈希方式。它可以防止恶意用户破解使用bcrypt()生成的密码。

The hashing details are available inside config/hashing.php. The default driver has bcrypt() as the hashing to be used.

Hashing Passwords

要使用Hash Facade，您需要包含以下类：

Illuminate\Support\Facades\Hash

Example

要对密码进行哈希处理，您可以使用make()方法。以下是一个哈希密码的示例

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      echo $hashed = Hash::make('password', [
         'rounds' => 15,
      ]);
   }
}

Output

The output of the above code is

$2y$15$QKYQhdKcDSsMmIXZmwyF/.sihzQDhxtgF5WNiy4fdocNm6LiVihZi

Verifying if the password matches with a hashed password

要验证明文文本即Hash::make中使用的文本是否与哈希值匹配，可以使用check()方法。

如果纯文本与哈希密码匹配，check()方法返回true，否则返回false。

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      $hashed = Hash::make('password', [
         'rounds' => 15,
      ]);
      if (Hash::check('password', $hashed)) {
         echo "Password matching";
      } else {
         echo "Password is not matching";
      }
   }
}

Output

The output of the above code is

Password matching

使用check()方法

让我们现在通过提供错误的纯文本来测试，并查看 check() 方法的响应。

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      $hashed = Hash::make('password', [
         'rounds' => 15,
      ]);
      if (Hash::check('password123', $hashed)) {
         echo "Password matching";
      } else {
         echo "Password is not matching";
      }
   }
}

我们在哈希中使用的纯文本是“password”。在check方法中，我们使用了“password123”，因为文本与哈希文本不匹配，所以输出为“密码不匹配”。

Output

当您在浏览器中执行时，输出将是 -

Password is not matching

对密码进行两次哈希

Let us now hash the same text twice and compare it in the check() method −

$testhash1 = Hash::make('mypassword');
$testhash2 = Hash::make('mypassword');
   
if (Hash::check('mypassword', $testhash1) && Hash::check('mypassword', $testhash2)) {
   echo "Password matching";
} else {
   echo "Password not matching";
}

You can test the complete code in the browser as shown below −

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      $testhash1 = Hash::make('mypassword');
      $testhash2 = Hash::make('mypassword');
      if (Hash::check('mypassword', $testhash1) && Hash::check('mypassword', $testhash2)) {
         echo "Password matching";
      } else {
         echo "Password not matching";
      }
   }
}

Output

上述代码的输出为 −

Password matching

使用bcrypt()方法

You can also try using the bcrypt() method and test the plain text with hashed one using Hash::check().

<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use App\Models\Student;
use Illuminate\Support\Facades\Hash;

class StudentController extends Controller {
   public function index() {
      $hashedtext = bcrypt('mypassword');
      if (Hash::check('mypassword', $hashedtext)) {
         echo 'Password matches';
      } else{
         echo 'Password not matching';
      }
   }
}