hydra-sql/src/Security/Hasher/PasswordEncoder.php

50 lines
1.4 KiB
PHP
Raw Normal View History

<?php
namespace App\Security\Hasher;
use App\SQLLogin\Exception\InvalidSQLPasswordException;
use Symfony\Component\PasswordHasher\Exception\InvalidPasswordException;
use Symfony\Component\PasswordHasher\Hasher\CheckPasswordLengthTrait;
use Symfony\Component\PasswordHasher\LegacyPasswordHasherInterface;
class PasswordEncoder implements LegacyPasswordHasherInterface
{
use CheckPasswordLengthTrait;
protected ?string $pepper;
protected string $hashAlgo;
public function __construct(?string $pepper, string $hashAlgo)
{
$this->pepper = $pepper;
$this->hashAlgo = $hashAlgo;
}
public function hash(string $plainPassword, string $salt = null): string
{
if ($this->isPasswordTooLong($plainPassword)) {
throw new InvalidPasswordException();
}
$hash = hash($this->hashAlgo, $plainPassword.$salt.$this->pepper);
return $hash;
}
public function verify(string $hashedPassword, string $plainPassword, string $salt = null): bool
{
if ('' === $plainPassword || $this->isPasswordTooLong($plainPassword)) {
return false;
}
if ($this->hash($plainPassword, $salt) === $hashedPassword) {
return true;
} else {
throw new InvalidSQLPasswordException();
}
}
public function needsRehash(string $hashedPassword): bool
{
return false;
}
}