Class FallbackPasswordHasher

A password hasher that can use multiple different hashes where only one is the preferred one. This is useful when trying to migrate an existing database of users from one password type to another.

Namespace: Cake\Auth

Property Summary

$_config protected

array

Runtime config
$_configInitialized protected

bool

Whether the config property has already been configured with defaults
$_defaultConfig protected

array

Default config for this object.
$_hashers protected

array

Holds the list of password hasher objects that will be used

Method Summary

__construct() public

Constructor
_configDelete() protected

Delete a single config key
_configRead() protected

Read a config variable
_configWrite() protected

Write a config variable
check() public

Verifies that the provided password corresponds to its hashed version
config() public

Usage
configShallow() public

Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.
hash() public

Generates password hash.
needsRehash() public

Returns true if the password need to be rehashed, with the first hasher present in the list of hashers

Method Detail

__construct() ¶ public

__construct(array $config = [])

Constructor

Parameters

array $config optional: configuration options for this object. Requires the hashers key to be present in the array with a list of other hashers to be used

_configDelete() ¶ protected

_configDelete(string $key): void

Delete a single config key

Parameters

string $key: Key to delete.

Returns

void

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

_configRead() ¶ protected

_configRead(string|null $key): mixed

Read a config variable

Parameters

string|null $key: Key to read.

Returns

mixed

_configWrite() ¶ protected

_configWrite(string|array $key, mixed $value, bool|string $merge = false): void

Write a config variable

Parameters

string|array $key: Key to write to.
mixed $value: Value to write.
bool|string $merge optional: True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.

Returns

void

Throws

Cake\Core\Exception\Exception
if attempting to clobber existing config

check() ¶ public

check(string|array $password, string $hashedPassword): bool

Verifies that the provided password corresponds to its hashed version

This will iterate over all configured hashers until one of them returns true.

Parameters

string|array $password: Plain text password to hash.
string $hashedPassword: Existing hashed password.

Returns

bool

config() ¶ public

config(string|array|null $key = null, mixed|null $value = null, bool $merge = true): mixed

Usage

Reading the whole config:

$this->config();

Reading a specific value:

$this->config('key');

Reading a nested value:

$this->config('some.nested.key');

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);

Parameters

string|array|null $key optional: The key to get/set, or a complete array of configs.
mixed|null $value optional: The value to set.
bool $merge optional: Whether to recursively merge or overwrite existing config, defaults to true.

Returns

mixed

Throws

Cake\Core\Exception\Exception
When trying to set a key that is invalid.

configShallow() ¶ public

configShallow(string|array $key, mixed|null $value = null): $this

Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

Setting a specific value:

$this->config('key', $value);

Setting a nested value:

$this->config('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->config(['one' => 'value', 'another' => 'value']);

Parameters

string|array $key: The key to set, or a complete array of configs.
mixed|null $value optional: The value to set.

Returns

$this

hash() ¶ public

hash(string|array $password): string

Generates password hash.

Uses the first password hasher in the list to generate the hash

Parameters

string|array $password: Plain text password to hash.

Returns

string

needsRehash() ¶ public

needsRehash(string $password): bool

Returns true if the password need to be rehashed, with the first hasher present in the list of hashers

Returns true by default since the only implementation users should rely on is the one provided by default in php 5.5+ or any compatible library

Parameters

string $password: The password to verify

Returns

bool

Property Detail

`$_config` ¶ protected

Runtime config

Type

array

`$_configInitialized` ¶ protected

Whether the config property has already been configured with defaults

Type

bool

`$_defaultConfig` ¶ protected

Default config for this object.

These are merged with user-provided config when the object is used.

Type

array

`$_hashers` ¶ protected

Holds the list of password hasher objects that will be used

Type

array

Namespaces

Class FallbackPasswordHasher

Property Summary

Method Summary

__construct() public

_configDelete() protected

_configRead() protected

_configWrite() protected

check() public

config() public

Usage

configShallow() public

hash() public

needsRehash() public

Method Detail

__construct() ¶ public

Parameters

_configDelete() ¶ protected

Parameters

Returns

Throws

_configRead() ¶ protected

Parameters

Returns

_configWrite() ¶ protected

Parameters

Returns

Throws

check() ¶ public

Parameters

Returns

config() ¶ public

Usage

Parameters

Returns

Throws

configShallow() ¶ public

Parameters

Returns

hash() ¶ public

Parameters

Returns

needsRehash() ¶ public

Parameters

Returns

Property Detail

$_config ¶ protected

Type

$_configInitialized ¶ protected

Type

$_defaultConfig ¶ protected

Type

$_hashers ¶ protected

Type

`$_config` ¶ protected

`$_configInitialized` ¶ protected

`$_defaultConfig` ¶ protected

`$_hashers` ¶ protected