1

I have a laravel app now i'm to built it in core php in which i'm experiencing a problem in login page because the password is encrypted through bcrypt method in laravel. Help me to verify encrypted password through core php

i have tried password_hash('admin@12', PASSWORD_BCRYPT) but still did't find the solutionPlain text is admin@12 and encrypted text is $2y$10$EHC8pQIUSYIBas943P6HEOEvZlQYAxI2zVGkwQiAkLTIDZrhbe6VG enter image description here

\Session::flash('success', 'Your Account is activated please login to continue.');

User::create([
            'username' => $request['username'],

            'password' => bcrypt($request['password']),

            'name' => $request['name'],

           'card_number' => $request['card_number'],

            'email' => $request['email'],

            'phone' => $request['phone'],

            'cnic' => $request['cnic'],

            'address' => $request['address'],

            'role' => "registered",
        ]);
Mansoor Bahadur
  • 13
  • 3
  • 1
    What about `Hash::make('password')` function? – Yavuz Koca Jan 22 '19 at 09:01
  • 2
    Explaining _why_ / _how_ password_hash wasn't working for you may be useful. That is the recommended way to hash passwords using "core" PHP as you seem to imply you need to use. – Jonnix Jan 22 '19 at 09:04
  • Shouldn't you be showing us the code where you try and log the user in too then? – Jonnix Jan 22 '19 at 09:08

1 Answers1

5

The solution is simple: password_verify($password, $hash)

http://php.net/manual/en/function.password-verify.php

It works along different algorithms without event specify it (it read the meta informations in the hash) - and it supports bcrypt.

To create password, instead, use as you suggested password_hash($value, PASSWORD_BCRYPT); here https://github.com/laravel/framework/blob/f10fe3e4cb4824df35e3e9d2e5d6756271f083ba/src/Illuminate/Hashing/BcryptHasher.php#L45 you can find the Laravel solution (it only adds the cost option)

kopiro
  • 689
  • 4
  • 11