CODEWITHSUNDEEP
phplaravelauthenticationhashlaravel-5.3
Vincent Hokie
Vincent Hokie

Reputation: 61

Can a "plain" php application use a laravel user table for authentication?

Currently I have a Laravel application with authentication. I'm wondering if I could have another PHP application (framework independent) that uses the same user table for authentication. I don't want to use Laravel again because it would be a over engineering.

My main concern is how the hashing of the password is done in Laravel. Can I configure the plain PHP application to hash passwords the same way? If so, how can I do this?

Upvotes: 1

Views: 129

Answers (2)

Kevin P
Kevin P

Reputation: 601

This is the file you want to check out vendor/laravel/framework/src/Illuminate/Hashing/BcryptHasher.php

And these are the functions they are using, password_hash(); and password_verify();

function make($value, array $options = [])
    {
        $cost = isset($options['rounds']) ? $options['rounds'] : $this->rounds;
    $hash = password_hash($value, PASSWORD_BCRYPT, ['cost' => $cost]);

    if ($hash === false) {
        throw new RuntimeException('Bcrypt hashing not supported.');
    }

    return $hash;
}

function check($value, $hashedValue, array $options = [])
{
    if (strlen($hashedValue) === 0) {
        return false;
    }

    return password_verify($value, $hashedValue);
}

Upvotes: 1

Alexey Mezenin
Alexey Mezenin

Reputation: 163898

Laravel uses password_hash() to create a password hash (see the make() method source code):

password_hash('somePassword555', PASSWORD_BCRYPT);

And password_verify() to check password hash (see the check() method source code):

password_verify('somePassword555', $hashedPasswordFromDB);

Upvotes: 2

Related Questions