All geek questions in one place

How can I use MD5 hashing for passwords in Laravel?

I am porting an outdated application to Laravel. The old application used MD5 to hash passwords without salt, so I need to repeat this in Laravel. For recording, we change the passwords to bcrypt with salt, but this is not a simple process, and this requires a user login - for now I just need to get logins that work with outdated hashes.

I followed this guide to convert Auth::hash to MD5: How to use SHA1 encryption instead of BCrypt in Laravel 4?

When I register a password in plain text and a generated hash in my make method when registering an account:

 public function make($value, array $options = array()) { echo $value.'<br>'.hash('md5', $value); exit; return hash('md5', $value); }

I get the following:

 123456 e10adc3949ba59abbe56e057f20f883e

Great for what I need. However, when this is stored in the database, I get a completely different hash. I assume Laravel is poking the password elsewhere, but I cannot find where and how to override this.

My MD5Hasher.php file inside app/libraries :

 <?php class MD5Hasher implements Illuminate\Contracts\Hashing\Hasher { /** * Hash the given value. * * @param string $value * @return array $options * @return string */ public function make($value, array $options = array()) { return hash('md5', $value); } /** * Check the given plain value against a hash. * * @param string $value * @param string $hashedValue * @param array $options * @return bool */ public function check($value, $hashedValue, array $options = array()) { return $this->make($value) === $hashedValue; } /** * Check if the given hash has been hashed using the given options. * * @param string $hashedValue * @param array $options * @return bool */ public function needsRehash($hashedValue, array $options = array()) { return false; } }

My MD5HashServiceProvider.php :

 <?php class MD5HashServiceProvider extends Illuminate\Support\ServiceProvider { /** * Register the service provider. * * @return void */ public function register() { $this->app['hash'] = $this->app->share(function () { return new MD5Hasher(); }); } /** * Get the services provided by the provider. * * @return array */ public function provides() { return array('hash'); } }

My AuthController.php as follows:

 <?php namespace App\Http\Controllers\Auth; use Hash; use App\User; use Validator; use Mail; use App\Http\Controllers\Controller; use Illuminate\Foundation\Auth\ThrottlesLogins; use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers; class AuthController extends Controller { /* |-------------------------------------------------------------------------- | Registration & Login Controller |-------------------------------------------------------------------------- | | This controller handles the registration of new users, as well as the | authentication of existing users. By default, this controller uses | a simple trait to add these behaviors. Why don't you explore it? | */ use AuthenticatesAndRegistersUsers, ThrottlesLogins; //protected $redirectTo = '/account'; /** * Create a new authentication controller instance. * * @return void */ public function __construct() { $this->middleware('guest', ['except' => 'getLogout']); } /** * Get a validator for an incoming registration request. * * @param array $data * @return \Illuminate\Contracts\Validation\Validator */ protected function validator(array $data) { return Validator::make($data, [ 'name' => 'required|max:255', 'email' => 'required|email|max:255|unique:users', 'password' => 'required|confirmed|min:6', ]); } /** * Create a new user instance after a valid registration. * * @param array $data * @return User */ protected function create(array $data) { $this->redirectTo = '/register/step-1'; $user = User::create([ 'name' => $data['name'], 'email' => $data['email'], 'password' => Hash::make($data['password']), ]); // email the user Mail::send('emails.register', ['user' => $user], function($message) use ($user) { $message->to($user->email, $user->name)->subject('Edexus - Welcome'); }); // email the admin Mail::send('emails.register-admin', ['user' => $user], function($message) use ($user) { $message->to(' admins@ ***.com', 'Edexus')->subject('Edexus - New user sign up'); }); return $user; } }
+5
source share
2 answers

Check the password mutator in your user model. This is hashing the password another time after adding it to the controller.

My recommendation is a hash password once in your create () and update () events and remove it from the mutator and controller.

+3
source

step1: create an application / library folder and add it to the composer autoload.classmap

 "autoload": { "classmap": [ // ... "app/libraries" ] },

Step 2: create two php files MD5Hasher.php and MD5HashServiceProvider in the application / libraries MD5Hasher.php

 <?php namespace App\Libraries; use Illuminate\Contracts\Hashing\Hasher; class MD5Hasher implements Hasher { /** * Hash the given value. * * @param string $value * @return array $options * @return string */ public function make($value, array $options = array()) { return md5($value); } /** * Check the given plain value against a hash. * * @param string $value * @param string $hashedValue * @param array $options * @return bool */ public function check($value, $hashedValue, array $options = array()) { return $this->make($value) === $hashedValue; } /** * Check if the given hash has been hashed using the given options. * * @param string $hashedValue * @param array $options * @return bool */ public function needsRehash($hashedValue, array $options = array()) { return false; } }

MD5HashServiceProvider.php

 <?php namespace App\Libraries; use Illuminate\Support\ServiceProvider; class MD5HashServiceProvider extends ServiceProvider { /** * Register the service provider. * * @return void */ public function register() { // $this->app['hash'] = $this->app->share(function () { // return new MD5Hasher(); // }); $this->app->singleton('hash', function () { return new MD5Hasher(); }); } /** * Get the services provided by the provider. * * @return array */ public function provides() { return array('hash'); }

step3: Hide or remove "Illuminate \ Hashing \ HashServiceProvider :: class" in config / app.php and add "App \ Libraries \ MD5HashServiceProvider :: class"

+1
source

Source: https://habr.com/ru/post/1235346/

More articles:


All Articles