How to use SHA1 encryption instead of BCrypt in Laravel 4?
You'll have to rewrite the Hash module. Thanks to Laravel's ideas of following IoC and Dependency Injection concepts, it'll be relatively easy.
First, create a app/libraries folder and add it to composer's autoload.classmap:
"autoload": {
"classmap": [
// ...
"app/libraries"
]
},
Now, it's time we create our class. Create a SHAHasher class, implementing Illuminate\Hashing\HasherInterface. We'll need to implement its 3 methods: make, check and needsRehash.
Note: On Laravel 5, implement Illuminate/Contracts/Hashing/Hasher instead of Illuminate\Hashing\HasherInterface.
app/libraries/SHAHasher.php
class SHAHasher implements Illuminate\Hashing\HasherInterface {
/**
* Hash the given value.
*
* @param string $value
* @return array $options
* @return string
*/
public function make($value, array $options = array()) {
return hash('sha1', $value);
}
/**
* Check the given plain value against a hash.
*
* @param string $value
* @param string $hashedValue
* @param array $options
* @return bool
*/
public function check($value, $hashedValue, array $options = array()) {
return $this->make($value) === $hashedValue;
}
/**
* Check if the given hash has been hashed using the given options.
*
* @param string $hashedValue
* @param array $options
* @return bool
*/
public function needsRehash($hashedValue, array $options = array()) {
return false;
}
}
Now that we have our class done, we want it to be used by default, by Laravel. To do so, we'll create SHAHashServiceProvider, extending Illuminate\Support\ServiceProvider, and register it as the hash component:
app/libraries/SHAHashServiceProvider.php
class SHAHashServiceProvider extends Illuminate\Support\ServiceProvider {
/**
* Register the service provider.
*
* @return void
*/
public function register() {
$this->app['hash'] = $this->app->share(function () {
return new SHAHasher();
});
}
/**
* Get the services provided by the provider.
*
* @return array
*/
public function provides() {
return array('hash');
}
}
Cool, now all we have to do is make sure our app loads the correct service provider. On app/config/app.php, under providers, remove the following line:
'Illuminate\Hashing\HashServiceProvider',
Then, add this one:
'SHAHashServiceProvider',
Changing Default Bcrypt to sha1 in Laravel 8 jetstream while logging in a user
You have to rewrite the Hash module, to do this you can see this answer :
https://stackoverflow.com/a/17719586/4909223
Laravel 5: Using SHA1 instead of Bcrypt
I'v solved the problem myself :-)
In app/Providers/ShaHashServiceProvider.php I overrided the wrong method boot(), when it was in fact the method register() I should have overridden.
use App\ShaHasher;
use Illuminate\Hashing\HashServiceProvider;
class ShaHashServiceProvider extends HashServiceProvider {
public function register()
{
$this->app->singleton('hash', function() { return new ShaHasher; });
}
}
How to change Bcrypt to Sha1 when user login with using oauth2 or via web in Laravel 5
Not recommended - You could change the hash using the solution in similar question. It was for laravel 4. But the same principles should apply. I am not sure though. It is however, recommended to use bcrypt as it is a hell lot more secure than SHA1
Better solution Migrate the current SHA1 hashes to bcrypt.
A migration strategy can have the following steps
- Add a new column in your table, name it
password_new/ something else that you like. - When a user logs in, you have the real password. Check bcrypt hash of the submitted password from the
password_newfield.
If the value is not set, fallback to SHA1 check. If the password matches with SHA1 hash, hash the real password to bcrypt and save it inpassword_newcolumn.
Then resume the current login flow. If not, display login error message. - Clear all user sessions.
- When all users have migrated to the brcypt, drop the current
passwordstoring column and renamepassword_newtopassword - Remove checks for SHA1 from application logic.
Note: Steps 3,4,5 are optional but they are recommended to prevent long term bloating.
Bcrypt hashing not supported in Laravel
Maybe it's too late to post the answer but the solution was : PHP should be upgraded.
How do I use md5 instead of bcrypt?
Using md5() over bcrypt() is not recommended.
However you can manually authenticate user. Override login() method in LoginController
public function login(Request $request)
{
$user = User::where('username', $request->username)
->where('password',md5($request->password))
->first();
Auth::login($user);
return redirect('/');
}
Laravel Passport custom hasher to create token
Found the solution:
I was using my custom hasher (SHAHasher) instead of Passport hashManager, now extend HashManager of passport instead of complete new hasher (SHAHasher). So now even i am sending SHAHasher (custom) it is accepting as my SHAHasher extends hashManager.
Extend hashManager inside custom hasher library.
Upgrading user passwords from salted SHA1 to bcrypt
The whole point of a hash is that you can't recover the original password.
You have three options:
Store bcrypt hashes of the SHA1 hashes, then SHA1 hash each password before bcrypting it on every login.
This may not be a good idea.Upgrade each hash next time that user logs in. (so that you have the plain text to hash)
This is the best option, but you need to keep your SHA1 hashes and transition code until every single user logs inReset every user to a random bcrypted password and force them all to use Forgot Password to change it back.
You probably don't want to do this
custom auth and hashing laravel 5.1
I'll Try to answer my question.
I take it from Facebook Group Laravel Indonesia
Create directory
app/librariesAdd
app/librariestocomposer.json"classmap": ["database","app/libraries"],Create
MD5Hasher.phpinapp/libraries<?php
namespace App\Libraries;
use Illuminate\Contracts\Hashing\Hasher as HasherContract;
class MD5Hasher implements HasherContract {
public function make($value, array $options = array()) {
$value = env('SALT', '').$value;
return md5($value);
}
public function check($value, $hashedValue, array $options = array()) {
return $this->make($value) === $hashedValue;
}
public function needsRehash($hashedValue, array $options = array()) {
return false;
}
}Create
MD5HashServiceProvider.phpinapp/libraries<?php
namespace App\Libraries;
use Illuminate\Support\ServiceProvider;
class MD5HashServiceProvider extends ServiceProvider {
/**
* Register the service provider.
*
* @return void
*/
public function register() {
$this->app['hash'] = $this->app->share(function () {
return new MD5Hasher();
});
}
/**
* Get the services provided by the provider.
*
* @return array
*/
public function provides() {
return array('hash');
}
}in
config/app.phpFind
Illuminate\Hashing\HashServiceProvider::class,Change to
App\Libraries\MD5HashServiceProvider::class,in
AuthController.phpAdd
protected $username = 'username';return Validator::make($data, [
//'name' => 'required|max:255',
'username' => 'required',
'password' => 'required|confirmed|min:5',
]);return User::create([
//'name' => $data['name'],
'username' => $data['username'],
'password' => md5($data['password']),
]);in
App\Users.phpChange
protected $fillable = ['name', 'email', 'password'];To
protected $fillable = ['username', 'password'];Don't forget to run
composer dumpautoload
I don't know what I am doing is right or not.
Regard
Related Topics
How to Get Rid of Eval-Base64_Decode Like PHP Virus Files
How to Emulate a Get Request Exactly Like a Web Browser
Pdo With "Where... In" Queries
PHP-Intl Installation on Xampp
Copy Entire Contents of a Directory to Another Using PHP
How to Sort a Multidimensional Array by One of the Fields of the Inner Array in PHP
How to Receive Email and Process It in a Web Application
How to Check If a File Is Mp3 or Image File
When and Why I Should Use Session_Regenerate_Id()
Get in Woocommerce Cart the Product Id of a Cart Item
Laravel - Session Store Not Set on Request
PHP Short Hash Like Url-Shortening Websites