ojendays

Reputation: 11

How to change default hash password in cakephp

I have an existing (functional) website and now I need to upgrade it to CakePHP and also import the old DB into the new DB.

CakePHP has a default algorithm for hashing passwords, so I need to change the algorithm.

My old website used this code for password:
$password_hash = hash('sha256', $password);

How can I set the CakePHP password hash auth to something like hash('sha256', $password), so that my website's users can log in to the CakePHP script?

Please help...

CakePHP version: CakePHP(tm) v 0.2.9

Note: apologies for the weak English.

Upvotes: 1

Views: 3400

Answers (2)

Dhiraj

Reputation: 31

SHA3-512 is not supported in CakePHP version 2.x; in CakePHP 2.x we can use at most SHA-512.
You can do the same by making changes in app/Controller/AppController.php, adding the patch below:

$this->Auth->authenticate = array(
    'Form' => array(
        'passwordHasher' => array(
            'className' => 'Simple',
            'hashType' => 'sha512' // passing sha512 as the hash type
        )
    )
);

If you are giving an option to change/reset the password after updating your hash, you may use the patch below to accept a password with the updated hash:
$var = Security::hash($password, 'sha512', true);
Here the sha512 hash algorithm will be used; you can change it as per your hash requirement (sha1/sha256/md5/blowfish). If the salt value, i.e. the third parameter, is set to true, the application's salt value will be used.

Upvotes: 0

Zbigniew Ledwoń

Reputation: 682

I assume you are using CakePHP 3.x which uses the bcrypt hashing algorithm by default.

To use sha256 hashing you can create a custom password hasher class.

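// src/Auth/Sha256PasswordHasher.php
namespace App\Auth;

use Cake\Auth\AbstractPasswordHasher;

class Sha256PasswordHasher extends AbstractPasswordHasher
{
    // Produce the same unsalted SHA-256 hex digest as the old site.
    public function hash($password)
    {
        return hash('sha256', $password);
    }

    // Compare in constant time; PHP has no sha256() function, so use hash().
    public function check($password, $hashedPassword)
    {
        return hash_equals($hashedPassword, hash('sha256', $password));
    }
}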

And configure the AuthComponent to use your own password hasher:

public function initialize()
{
    parent::initialize();
    $this->loadComponent('Auth', [
        'authenticate' => [
            'Form' => [
                'passwordHasher' => [
                    'className' => 'Sha256',
                ]
            ]
        ]
    ]);
}

Read more here: https://book.cakephp.org/3.0/en/controllers/components/authentication.html#hashing-passwords

Upvotes: 1
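
Added example, not part of either answer and not CakePHP's own code: since the imported hashes are unsalted SHA-256, a login check can accept them once and replace them with bcrypt on the first successful login. This is plain PHP with hypothetical function names, and it assumes the legacy digests are stored as 64 hex characters in the same column as the new hashes.

```php
<?php
// Added example: accept legacy hash('sha256', $password) digests at login
// and upgrade them to bcrypt. Function names are hypothetical.

/** True when the stored value looks like a legacy SHA-256 hex digest. */
function isLegacySha256(string $stored): bool
{
    return strlen($stored) === 64 && ctype_xdigit($stored);
}

/**
 * Check a login attempt against the stored hash.
 * Returns [bool $ok, ?string $replacementHash]; a non-null replacement
 * should be written back to the user's row.
 */
function checkAndUpgrade(string $password, string $stored): array
{
    if (isLegacySha256($stored)) {
        // Constant-time comparison against the old scheme.
        $ok = hash_equals(strtolower($stored), hash('sha256', $password));
        return [$ok, $ok ? password_hash($password, PASSWORD_BCRYPT) : null];
    }
    $ok = password_verify($password, $stored);
    // Re-hash as well if the bcrypt settings have changed since storage.
    $new = ($ok && password_needs_rehash($stored, PASSWORD_BCRYPT))
        ? password_hash($password, PASSWORD_BCRYPT)
        : null;
    return [$ok, $new];
}

// Constructed sample data: one row as imported from the old database.
$row = ['username' => 'alice', 'password' => hash('sha256', 'correct horse')];

// Wrong password against the legacy hash: rejected, nothing to store.
[$ok, $new] = checkAndUpgrade('wrong guess', $row['password']);
var_dump($ok, $new);

// Correct password: accepted, and the row is upgraded to bcrypt.
[$ok, $new] = checkAndUpgrade('correct horse', $row['password']);
if ($ok && $new !== null) {
    $row['password'] = $new;
}
var_dump($ok, isLegacySha256($row['password']));

// Next login takes the bcrypt path and needs no further rehash.
[$ok, $new] = checkAndUpgrade('correct horse', $row['password']);
var_dump($ok, $new);
```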
