CODEWITHSUNDEEP
phpencryptionzend-framework2zfcuser
Himanshu Bhardiya
Himanshu Bhardiya

Reputation: 1057

convert user inserted password into zfcuser encrypted password

I am try to make profile update page, were people can able to change profile details. and they need password to update profile.

I am using zfcuser module for log-in and registration. i don't know which encryption technique is used by zfcuser.

now i need to compare encrypted password by zfcuser with password entered by user while profile update.

Like, if user_inserted_password==encrypted_password_in_database then update profile.

i also tried this code

$bcrypt = new Bcrypt;
$bcrypt->setCost(14);
$pass = $bcrypt->create($newpass);

but not matching with the encrypted password in database. At last i used this code,

use ZfcUser\Options\PasswordOptionsInterface;
use Zend\ServiceManager\ServiceManager;
use Zend\ServiceManager\ServiceManagerAwareInterface;
use Zend\ModuleManager\Feature\ServiceProviderInterface;
use ZfcUser\Mapper\UserInterface as UserMapperInterface;
use ZfcBase\EventManager\EventProvider;
use GoalioForgotPassword\Options\ForgotOptionsInterface;

use Zend\Crypt\Password\Bcrypt;

class ReservationsController extends AbstractActionController
{
 protected $zfcUserOptions;
 public function indexAction()
 {
  $bcrypt = new Bcrypt;
  $bcrypt->setCost($this->getZfcUserOptions()->getPasswordCost());
  $pass = $bcrypt->create("test");
  echo $pass; exit;
 }

 public function getZfcUserOptions()
 {
    if (!$this->zfcUserOptions instanceof PasswordOptionsInterface) {
        $this->setZfcUserOptions($this->getServiceManager()->get('zfcuser_module_options'));
    }
    return $this->zfcUserOptions;
 }
}

but getting this error.

Zend\Mvc\Controller\PluginManager::get was unable to fetch or create an instance for getServiceManager

should anybudy have idea? how to encrypt password in zend2 zfcuser module? Thanks in advance.

Upvotes: 0

Views: 639

Answers (1)

Danielss89
Danielss89

Reputation: 863

Bcrypt doesn't create the same string each time, as MD5 does. If you want to check if a bcrypted password is valid, you can use:

$bcrypt = new Bcrypt();
$bcrypt->setCost(14);
$bcrypt->verify('isThisCorrect?', $userPasswordFromDB)

Upvotes: 2

Related Questions