Download the PHP package christian-riesen/password-hash-bundle without Composer

On this page you can find all versions of the php package christian-riesen/password-hash-bundle. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package password-hash-bundle

Password Hash Bundle

Custom password encoder for symfony2, using the new password hash api from php 5.5 (with fallback for 5.3 + 5.4).

Uses the password_compat implementation by Anthony Ferrara to provide a fallback for PHP 5.3 and 5.4.

In PHP 5.5 it will ignore the fallback and use the native password_hash functions.

Installation

Use composer and require the library in your composer.json

{
    "require": {
        "christian-riesen/password-hash-bundle": "1.*",
    }
}

Update and you have this and the required library all in one package.

Now update the AppKernel.php:

Now it's ready to be used in the security.yml file in app\config

    security:
        encoders:
            Symfony\Component\Security\Core\User\User:
                id: security.encoder.passwordhash

If you have a different model, you can change it to that, for example, if you followed the doctrine entity provider cookbook entry, then you get the following:

    security:
        encoders:
            Acme\UserBundle\Entity\User:
                id: security.encoder.passwordhash

Configuration

Comes with one single configuration, the cost factor of bcrypt. Default is set to 15. I chose not to use the built in default value, in order to ensure that some who have less ressources can lower ir, or those who have higher security needs can up it. Even if this value is changed, the system can still read the old passwords without a problem as the cost factor is part of the saved portion.

To alter the default add this to your config.yml:

cr_passwordhash:
    cost: 5

Note: The cost has to be an integer between 4 and 31.

Storage

However you store the password hash you will need always 60 bytes for it. The hash will never be shorter but always exactly this length. Make certain you can store it properly, as it has may contain characters that might cause troubles with hand made queries.

The salt is included in the password hash, so no need for an extra field there.

Testing

To run the tests you have to install the dev requirements via composer install --dev in order for them to run through. The symfony security component is needed to make it run cleanly (for interfaces and one abstract class).


All versions of password-hash-bundle with dependencies

PHP Build Version
Package Version
Requires php Version >=5.3.7
ircmaxell/password-compat Version 1.*
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package christian-riesen/password-hash-bundle contains the following files

Loading the files please wait ....