opensourcemirror
/
Laravel-Docs
mirror of https://github.com/laravel/docs.git
1
0
Fork 0
Code Issues Releases Wiki Activity

add argon docs

This commit is contained in:
Taylor Otwell 2018-01-30 08:47:52 -06:00
parent 1915b889b7
commit cf478c2fb9
1 changed files with 24 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
hashing.md
View File

@ -1,15 +1,23 @@
# Hashing
- [Introduction](#introduction)
- [Configuration](#configuration)
- [Basic Usage](#basic-usage)
<a name="introduction"></a>
## Introduction
The Laravel `Hash` [facade](/docs/{{version}}/facades) provides secure Bcrypt hashing for storing user passwords. If you are using the built-in `LoginController` and `RegisterController` classes that are included with your Laravel application, they will automatically use Bcrypt for registration and authentication.
The Laravel `Hash` [facade](/docs/{{version}}/facades) provides secure Bcrypt and Argon2 hashing for storing user passwords. If you are using the built-in `LoginController` and `RegisterController` classes that are included with your Laravel application, they will use Bcrypt for registration and authentication by default.
> {tip} Bcrypt is a great choice for hashing passwords because its "work factor" is adjustable, which means that the time it takes to generate a hash can be increased as hardware power increases.
<a name="configuration"></a>
## Configuration
The default hashing driver for your application is configured in the `config/hashing.php` configuration file. There are currently two supported drivers: [Bcrypt](https://en.wikipedia.org/wiki/Bcrypt) and [Argon2](https://en.wikipedia.org/wiki/Argon2).
> {note} The Argon2 driver requires PHP 7.2.0 or greater.
<a name="basic-usage"></a>
## Basic Usage
@ -41,12 +49,26 @@ You may hash a password by calling the `make` method on the `Hash` facade:
}
}
The `make` method also allows you to manage the work factor of the bcrypt hashing algorithm using the `rounds` option; however, the default is acceptable for most applications:
#### Adjusting The Bcrypt Work Factor
If you are using the Bcrypt algorithm, the `make` method allows you to manage the work factor of the algorithm using the `rounds` option; however, the default is acceptable for most applications:
$hashed = Hash::make('password', [
'rounds' => 12
]);
#### Adjusting The Argon2 Work Factor
If you are using the Argon2 algorithm, the `make` method allows you to manage the work factor of the algorithm using the `memory`, `time`, and `threads` options; however, the defaults are acceptable for most applications:
$hashed = Hash::make('password', [
'memory' => 1024,
'time' => 2,
'threads' => 2,
]);
> {tip} For more information on these options, check out the [official PHP documentation](http://php.net/manual/en/function.password-hash.php).
#### Verifying A Password Against A Hash
The `check` method allows you to verify that a given plain-text string corresponds to a given hash. However, if you are using the `LoginController` [included with Laravel](/docs/{{version}}/authentication), you will probably not need to use this directly, as this controller automatically calls this method: