PHP code example of itcover / password-processor

    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

    

itcover / password-processor example snippets

namespace Your\Namespace;

use \ITCover\PasswordProcessor\DAOInterface as DAOInterface;

class UsersDAO implements DAOInterface
{
    private $pdo;

    public function __construct(\PDO $pdo)
    {
        $this->pdo = $pdo;
    }

    public function getPasswordHashForIdentity($identity)
    {
        $query = $this->pdo->prepare("SELECT password FROM users WHERE username = :username");
        $query->execute([':username' => $identity]);
        $result = $query->fetch(\PDO::FETCH_ASSOC);
        return empty($result) ? null : $result['password'];
    }

    public function setPasswordHashForIdentity($identity, $passwordHash)
    {
        $query = $this->pdo->prepare("UPDATE users SET password = :password WHERE username = :username");
        $query->execute([
            ':password' => $passwordHash,
            ':username' => $identity
        ]);
    }
}

use \Your\Namespace\UsersDAO;
use \ITCover\PasswordProcessor\Processor;

$pdo = new \PDO('mysql:dbname=foo;host=127.0.0.1', 'username', 'password');
$dao = new UsersDAO($pdo);

$passwordProcessor = new Processor($dao);

// $passwordProcessor = new \ITCover\PasswordProcessor\Processor($dao);

// Creating a password for a new user:
$passwordHash = $passwordProcessor->hashPassword($passwordInput);

// Updating a user's password:
$passwordProcessor->updatePassword($username, $password);

// Verifying, and AUTOMATICALLY UPDATING (re-hashing) a user's password
// (your typical login scenario)
if ($passwordProcessor->verifyPassword($username, $password))
{
    // login logic here
}
else
{
    // log failures, apply rate-limits, redirect back to login screen, etc.
}

$passwordProcessor = new Processor($dao, function($inputPassword) use ($salt) {
    return \hash('sha256', $inputPassword.$salt);
});