How to use SHA1 encryption instead of BCrypt in Laravel 4?
You'll have to rewrite the Hash
module. Thanks to Laravel's ideas of following IoC and Dependency Injection concepts, it'll be relatively easy.
First, create a app/libraries
folder and add it to composer's autoload.classmap
:
"autoload": {
"classmap": [
// ...
"app/libraries"
]
},
Now, it's time we create our class. Create a SHAHasher
class, implementing Illuminate\Hashing\HasherInterface
. We'll need to implement its 3 methods: make
, check
and needsRehash
.
Note: On Laravel 5, implement Illuminate/Contracts/Hashing/Hasher
instead of Illuminate\Hashing\HasherInterface
.
app/libraries/SHAHasher.php
class SHAHasher implements Illuminate\Hashing\HasherInterface {
/**
* Hash the given value.
*
* @param string $value
* @return array $options
* @return string
*/
public function make($value, array $options = array()) {
return hash('sha1', $value);
}
/**
* Check the given plain value against a hash.
*
* @param string $value
* @param string $hashedValue
* @param array $options
* @return bool
*/
public function check($value, $hashedValue, array $options = array()) {
return $this->make($value) === $hashedValue;
}
/**
* Check if the given hash has been hashed using the given options.
*
* @param string $hashedValue
* @param array $options
* @return bool
*/
public function needsRehash($hashedValue, array $options = array()) {
return false;
}
}
Now that we have our class done, we want it to be used by default, by Laravel. To do so, we'll create SHAHashServiceProvider
, extending Illuminate\Support\ServiceProvider
, and register it as the hash
component:
app/libraries/SHAHashServiceProvider.php
class SHAHashServiceProvider extends Illuminate\Support\ServiceProvider {
/**
* Register the service provider.
*
* @return void
*/
public function register() {
$this->app['hash'] = $this->app->share(function () {
return new SHAHasher();
});
}
/**
* Get the services provided by the provider.
*
* @return array
*/
public function provides() {
return array('hash');
}
}
Cool, now all we have to do is make sure our app loads the correct service provider. On app/config/app.php
, under providers
, remove the following line:
'Illuminate\Hashing\HashServiceProvider',
Then, add this one:
'SHAHashServiceProvider',
Changing Default Bcrypt to sha1 in Laravel 8 jetstream while logging in a user
You have to rewrite the Hash module, to do this you can see this answer :
https://stackoverflow.com/a/17719586/4909223
Laravel 5: Using SHA1 instead of Bcrypt
I'v solved the problem myself :-)
In app/Providers/ShaHashServiceProvider.php I overrided the wrong method boot()
, when it was in fact the method register()
I should have overridden.
use App\ShaHasher;
use Illuminate\Hashing\HashServiceProvider;
class ShaHashServiceProvider extends HashServiceProvider {
public function register()
{
$this->app->singleton('hash', function() { return new ShaHasher; });
}
}
How to change Bcrypt to Sha1 when user login with using oauth2 or via web in Laravel 5
Not recommended - You could change the hash using the solution in similar question. It was for laravel 4. But the same principles should apply. I am not sure though. It is however, recommended to use bcrypt as it is a hell lot more secure than SHA1
Better solution Migrate the current SHA1 hashes to bcrypt.
A migration strategy can have the following steps
- Add a new column in your table, name it
password_new
/ something else that you like. - When a user logs in, you have the real password. Check bcrypt hash of the submitted password from the
password_new
field.
If the value is not set, fallback to SHA1 check. If the password matches with SHA1 hash, hash the real password to bcrypt and save it inpassword_new
column.
Then resume the current login flow. If not, display login error message. - Clear all user sessions.
- When all users have migrated to the brcypt, drop the current
password
storing column and renamepassword_new
topassword
- Remove checks for SHA1 from application logic.
Note: Steps 3,4,5 are optional but they are recommended to prevent long term bloating.
Bcrypt hashing not supported in Laravel
Maybe it's too late to post the answer but the solution was : PHP should be upgraded.
How do I use md5 instead of bcrypt?
Using md5() over bcrypt() is not recommended.
However you can manually authenticate user. Override login()
method in LoginController
public function login(Request $request)
{
$user = User::where('username', $request->username)
->where('password',md5($request->password))
->first();
Auth::login($user);
return redirect('/');
}
Laravel Passport custom hasher to create token
Found the solution:
I was using my custom hasher (SHAHasher) instead of Passport hashManager, now extend HashManager of passport instead of complete new hasher (SHAHasher). So now even i am sending SHAHasher (custom) it is accepting as my SHAHasher extends hashManager.
Extend hashManager inside custom hasher library.
Upgrading user passwords from salted SHA1 to bcrypt
The whole point of a hash is that you can't recover the original password.
You have three options:
Store bcrypt hashes of the SHA1 hashes, then SHA1 hash each password before bcrypting it on every login.
This may not be a good idea.Upgrade each hash next time that user logs in. (so that you have the plain text to hash)
This is the best option, but you need to keep your SHA1 hashes and transition code until every single user logs inReset every user to a random bcrypted password and force them all to use Forgot Password to change it back.
You probably don't want to do this
custom auth and hashing laravel 5.1
I'll Try to answer my question.
I take it from Facebook Group Laravel Indonesia
Create directory
app/libraries
Add
app/libraries
tocomposer.json
"classmap": ["database","app/libraries"],
Create
MD5Hasher.php
inapp/libraries
<?php
namespace App\Libraries;
use Illuminate\Contracts\Hashing\Hasher as HasherContract;
class MD5Hasher implements HasherContract {
public function make($value, array $options = array()) {
$value = env('SALT', '').$value;
return md5($value);
}
public function check($value, $hashedValue, array $options = array()) {
return $this->make($value) === $hashedValue;
}
public function needsRehash($hashedValue, array $options = array()) {
return false;
}
}Create
MD5HashServiceProvider.php
inapp/libraries
<?php
namespace App\Libraries;
use Illuminate\Support\ServiceProvider;
class MD5HashServiceProvider extends ServiceProvider {
/**
* Register the service provider.
*
* @return void
*/
public function register() {
$this->app['hash'] = $this->app->share(function () {
return new MD5Hasher();
});
}
/**
* Get the services provided by the provider.
*
* @return array
*/
public function provides() {
return array('hash');
}
}in
config/app.php
Find
Illuminate\Hashing\HashServiceProvider::class,
Change to
App\Libraries\MD5HashServiceProvider::class,
in
AuthController.php
Add
protected $username = 'username';
return Validator::make($data, [
//'name' => 'required|max:255',
'username' => 'required',
'password' => 'required|confirmed|min:5',
]);return User::create([
//'name' => $data['name'],
'username' => $data['username'],
'password' => md5($data['password']),
]);in
App\Users.php
Change
protected $fillable = ['name', 'email', 'password'];
To
protected $fillable = ['username', 'password'];
Don't forget to run
composer dumpautoload
I don't know what I am doing is right or not.
Regard
Related Topics
How to Get Rid of Eval-Base64_Decode Like PHP Virus Files
How to Emulate a Get Request Exactly Like a Web Browser
Pdo With "Where... In" Queries
PHP-Intl Installation on Xampp
Copy Entire Contents of a Directory to Another Using PHP
How to Sort a Multidimensional Array by One of the Fields of the Inner Array in PHP
How to Receive Email and Process It in a Web Application
How to Check If a File Is Mp3 or Image File
When and Why I Should Use Session_Regenerate_Id()
Get in Woocommerce Cart the Product Id of a Cart Item
Laravel - Session Store Not Set on Request
PHP Short Hash Like Url-Shortening Websites