发表新帖
发表新帖

Override laravel 4's authentication methods to use custom hasing function

后端 未结
关注
4 678
长发绾君心
长发绾君心 2021-02-08 16:09

I have a table in my database with users. Their password are generated with my own custom hashing function.

How do i override the Authentication methods in laravel 4 to

相关标签:
4条回答
  • 伪装坚强ぢ
    2021-02-08 16:38

    @vFragosop was on the right path with extending Auth.

    There are a couple of ways to skin the cat and here is how I would do that without replacing the default Hasher class:

    Include in your app/routes.php or wherever:

    use Illuminate\Auth\Guard;
Auth::extend("eloquent", function() {
    return new Guard(
        new \Illuminate\Auth\EloquentUserProvider(new CustomHasher(), "User"),  
        App::make('session.store')
    );
});

    Create and autoload a CustomHasher class (i.e., app/libraries/CustomHasher.php):

    class CustomHasher extends Illuminate\Hashing\BcryptHasher {
    public function make($value, array $options = array())
    {
        ...
    }
    public function check($value, $hashedValue, array $options = array())
    {
        ...
    }
}

    That's it.

    0 讨论(0)
  • 渐次进展
    2021-02-08 16:40

    Warning: I can't ensure this is works out of the box and there may be a few gotchas here and there. Keep in mind Laravel 4 is still on development. Wish I could provide a more precise answer, but codebase is still going through many changes and not everything is properly documented. Anyway, you are looking for something like this:

    // on config/auth.php
'driver' => 'custom'

    // on start/global.php
Auth::extend('custom', function() {
    // CustomUserProvider is your custom driver and should
    // implement Illuminate\Auth\UserProviderInterface;
    return new Guard(new CustomUserProvider, App::make('session'));
});

    If this doesn't give you enough information to start, you should be able to figure it out by taking a look at those classes below:

    EloquentUserProvider and DatabaseUserProvider
    These classes are the currently supported authentication drivers. They should guide you on how to create your CustomUserProvider (or any name you like really).

    Manager
    This is the base class for anything that accepts custom drivers (including the AuthManager). It provides the methods for registering them like you do in Laravel 3.

    0 讨论(0)
  • 青春惊慌失措
    2021-02-08 16:41

    This is how ended up solving the problem:

    libraries\CustomHasherServiceProvider.php

    use Illuminate\Support\ServiceProvider;

class CustomHasherServiceProvider extends ServiceProvider {

    public function register()
    {
        $this->app->bind('hash', function()
        {
            return new CustomHasher;
        });
    }

}

    libraries\CustomHasher.php

    class CustomHasher implements Illuminate\Hashing\HasherInterface {

private $NUMBER_OF_ROUNDS = '$5$rounds=7331$';


public function make($value, array $options = array())
{

    $salt = uniqid();
    $hash = crypt($password, $this->NUMBER_OF_ROUNDS . $salt);
    return substr($hash, 15);
}

public function check($value, $hashedValue, array $options = array())
{
    return $this->NUMBER_OF_ROUNDS . $hashedValue === crypt($value, $this->NUMBER_OF_ROUNDS . $hashedValue);
}

}

    And then I replaced 'Illuminate\Hashing\HashServiceProvider' with 'CustomHasherServiceProvider' in the providers array in app/config/app.php

    and added "app/libraries" to autoload classmap in composer.json

    0 讨论(0)
  • 庸人自扰
    2021-02-08 16:41

    This was the top result on Google, but these answers are insufficient for anyone on Laravel 5. Even the documentation doesn't suffice.

    I've successfully replaced the Hasher for only the UserProvider. The rest of my application continues to use the very nice BcryptHasher, while user authentication uses a custom hasher. To do this, I had to study these answers, the documentation, and Laravel's source code itself. Here's what I found. Hopefully I can save someone else's full head of hair. Feel free to crosspost this to a question about Laravel 5.

    First, create your custom hasher, if you haven't already. Place it wherever you'd like.

    class MyCustomHasher implements Hasher {

    public function make($value, array $options = []) {
        return md5( $value );  // PLEASE DON'T USE MD5!
    }

    public function check($value, $hashedValue, array $options = []) {
        if (strlen($hashedValue) === 0) {
            return false;
        }
        return $hashedValue === $this->make($value);
    }

    public function needsRehash($hashedValue, array $options = []) {
        return false;
    }

}

    Edit any registered ServiceProvider as follows...

    class AppServiceProvider extends ServiceProvider {

    public function boot() {
        Auth::provider('eloquentCustom', function ($app, $config) {
            return new EloquentUserProvider(new MyCustomHasher(), $config['model']);
        });
    }

}

    You can replace 'eloquentCustom' with whatever you'd prefer.

    Finally, edit your config/auth.php to use your custom provider. Here are the relevant parts... 

    return [

    // ...

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        // ...
    ],

    // ...

    'providers' => [
        'users' => [
            'driver' => 'eloquentCustom',  // <--- This is the only change
            'model' => App\User::class,
        ],
        // ...
    ],

    // ...

];

    Here's a little explanation, because I can't believe how obscure this was.

    As you may expect, authentication is configured with config/auth.php. There are two key parts: Guards and Providers. I haven't yet bothered to learn exactly what guards do, but they seem to enforce authentication requirements. Providers are responsible for providing the necessary information to the guards. Therefore, a Guard requires a Provider. You can see that, in the default configuration, guards.web.provider is mapped to providers.users.

    Laravel provides two implementations of UserProvider by default: EloquentUserProvider and DatabaseUserProvider. These correspond to the two possible values for providers.users.driver: eloquent and database, respectively. Normally, the eloquent option is chosen. EloquentUserProvider needs a Hasher, so Laravel gives it whatever the standard implementation is (ie. BcryptHasher). We override this behavior by creating our own "driver" for instantiating the Provider.

    Auth is our friendly neighborhood facade. It is backed by the AuthManager. The often suggested Auth::extend() method expects a Guard (contrary to what the documentation might suggest). We have no need to mess with the Guard. Instead, we can use Auth::provider() which basically does the same thing as extend(), except it expects a Provider. So we provide a function to create our own instance of a EloquentUserProvider, giving it our custom Hasher (eg. MyCustomHasher). We also include a driver "name" that can be used in the config file.

    Now back to the config file. That driver name that we just created is now a valid value for providers.users.driver. Set it there and you're good to go!

    I hope this all makes sense and is useful for someone!

    0 讨论(0)
 看不清?
提交回复
热议问题