sundayenglish
/
GK-Content-Management
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13 Commits
5 Branches
0 Tags
30 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 37f0eb287b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '37f0eb287b'
${ noResults }
GK-Content-Management/app/Providers/MD5UserProvider.php

60 lines
2.4 KiB
Raw Blame History

<?php
namespace App\Auth\Providers;
use Illuminate\Auth\EloquentUserProvider;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Support\Facades\Hash;
class MD5UserProvider extends EloquentUserProvider
{
/**
* Validate the user's credentials.
*
* This method checks the provided plain password against the stored hashed password.
* - If the stored password is hashed using Bcrypt (i.e., does not need rehashing), it uses Laravel's Hash::check.
* - If the stored password is an MD5 hash, it manually compares the MD5 hash of the plain password.
* If matched, it automatically upgrades the password to Bcrypt and saves the user.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user The user instance.
* @param array $credentials The credentials array containing at least a 'password' key.
* @return bool Returns true if the credentials are valid, otherwise false.
*/
public function validateCredentials(Authenticatable $user, array $credentials)
{
$plain = $credentials['password'];
$hashed = $user->getAuthPassword();
/**
* Checks if the given hashed password needs to be rehashed.
* If the hash does not require rehashing (e.g., it is already using Bcrypt),
* verifies the plain password against the hashed value using Laravel's Hash facade.
*
* @param string $plain The plain text password to verify.
* @param string $hashed The hashed password stored in the database.
* @return bool Returns true if the plain password matches the hashed value, false otherwise.
*/
if (!Hash::needsRehash($hashed)) {
return Hash::check($plain, $hashed);
}
/**
* Checks if the given plain password matches the stored MD5 hash.
* If matched, automatically upgrades the user's password to a secure hash using Laravel's Hash facade.
* Saves the upgraded password to the database.
*
* @param string $plain The plain text password provided by the user.
* @param string $hashed The stored MD5 hashed password.
* @return bool Returns true if the password matches and is upgraded, otherwise false.
*/
if (md5($plain) === $hashed) {
// Tự động upgrade
$user->password = Hash::make($plain);
$user->save();
return true;
}
return false;
}
}