Current File : //opt/alt/php55/usr/share/pear/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php |
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Core\Encoder;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
/**
* @author Elnur Abdurrakhimov <elnur@elnur.pro>
* @author Terje Bråten <terje@braten.be>
*/
class BCryptPasswordEncoder extends BasePasswordEncoder
{
/**
* @var string
*/
private $cost;
/**
* Constructor.
*
* @param integer $cost The algorithmic cost that should be used
*
* @throws \RuntimeException When no BCrypt encoder is available
* @throws \InvalidArgumentException if cost is out of range
*/
public function __construct($cost)
{
if (!function_exists('password_hash')) {
throw new \RuntimeException('To use the BCrypt encoder, you need to upgrade to PHP 5.5 or install the "ircmaxell/password-compat" via Composer.');
}
$cost = (int) $cost;
if ($cost < 4 || $cost > 31) {
throw new \InvalidArgumentException('Cost must be in the range of 4-31.');
}
$this->cost = $cost;
}
/**
* Encodes the raw password.
*
* It doesn't work with PHP versions lower than 5.3.7, since
* the password compat library uses CRYPT_BLOWFISH hash type with
* the "$2y$" salt prefix (which is not available in the early PHP versions).
* @see https://github.com/ircmaxell/password_compat/issues/10#issuecomment-11203833
*
* It is almost best to **not** pass a salt and let PHP generate one for you.
*
* @param string $raw The password to encode
* @param string $salt The salt
*
* @return string The encoded password
*
* @link http://lxr.php.net/xref/PHP_5_5/ext/standard/password.c#111
*/
public function encodePassword($raw, $salt)
{
if ($this->isPasswordTooLong($raw)) {
throw new BadCredentialsException('Invalid password.');
}
$options = array('cost' => $this->cost);
if ($salt) {
$options['salt'] = $salt;
}
return password_hash($raw, PASSWORD_BCRYPT, $options);
}
/**
* {@inheritdoc}
*/
public function isPasswordValid($encoded, $raw, $salt)
{
return !$this->isPasswordTooLong($raw) && password_verify($raw, $encoded);
}
}