Helpers\Password

Helpers\Password

The password class uses php 5 password_ functions.

To create a hash of a password, call the make method and provide the password to be hashed, once done save the $hash.

$hash = Password::make($password);

When logging in a user their hash must be retrieved from the database and compared against the provided password to make sure they match, for this a method called password_verify is used, it has 2 parameters the first is the user provided password the second is the hash from the database.

    if (Password::verify($_POST['password'], $data[0]->password)) {
     //passed
    } else {
     //failed
    }

From time to time you may update your hashing parameters (algorithm, cost, etc). So a function to determine if rehashing is necessary is available:

if (Password::verify($password, $hash)) {     
   if (Password::needsRehash($hash, $algorithm, $options)) {         
    $hash = Password::make($password, $algorithm, $options); /* Store new hash in db */     
   } 
}