Download the PHP package itcover/password-processor without Composer
On this page you can find all versions of the php package itcover/password-processor. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package password-processor
Password Processor
Framework-agnostic password-processing library for PHP.
About
Just a little more than a wrapper around PHP's own password_*() functions.
Currently using bcrypt with a work factor of 11, but both of these will be updated in the future, as more strength becomes necessary.
For new development, it just does the lower-level function calls, abstracting password hashing away from your business logic and giving you one architectural problem less to worry about.
For older applications, it also offers a painless way to upgrade your old password hashing algorithms to a modern one.
Note: This is NOT a fully-featured authentication, authorization or ACL library! It will only ever deal with creating, verifying and updating password hashes.
Motivation
PHP's password extension is really great, but it is also still "just" a language primitive - it provides the tools, not the complete solution. As it should be.
This library is that complete solution.
It is designed to hook into your application, not the other way around, so you don't need to worry about how to abstract it. It offers a seamless way to migrate from any legacy hashing algorithm, so you don't have to think about that either. It is opinionated and intentionally leaves out any custom options, so there's only one way to use it, no unsafe choices.
Installation
PHP 5.6 or newer is required. The latest stable version of PHP is always recommended.
Via Composer (the easy and recommended way)
Manual (you need to know what you're doing)
git clone or download and extract an archived version from
here
and require the autoload.php file.
Examples
Initialization
Implement a Data Access Object to access your password hashes' data source,
using \ITCover\PasswordProcessor\DAOInterface. Typically, this would be a
"users" table in your application's local database.
And then just pass that to our Processor class constructor:
Obviously, your application logic would be a little more complex than that,
and we're only using PDO as an example here,
but all you really need to use the Processor class is an object
implementing our DAOInterface.
Usage
Upgrading from a legacy hash function
Simply pass your old hash function as a callable to the constructor:
Any callables are accepted - from simple function names like 'sha1' (but hopefully not that bad) and static class methods, to closures (anonymous functions) and object methods. Just make sure the callback accepts a string parameter and returns the hash as a string.
