laravel php pbkdf2登录验证
我有一个使用hash_pbkdf2的hash pasword的现有表。对于用户注册,它成功地插入mysqllaravel php pbkdf2登录验证,php,mysql,laravel,hash,pbkdf2,Php,Mysql,Laravel,Hash,Pbkdf2,我有一个使用hash_pbkdf2的hash pasword的现有表。对于用户注册,它成功地插入mysql $string = mcrypt_create_iv(24, MCRYPT_DEV_URANDOM); $salt = strtoupper(bin2hex($string)); $hash = hash_pbkdf2("sha1", $data['password'], $string, 1000, 24, true); $hash = strtoupper(bin2hex($hash)
$string = mcrypt_create_iv(24, MCRYPT_DEV_URANDOM);
$salt = strtoupper(bin2hex($string));
$hash = hash_pbkdf2("sha1", $data['password'], $string, 1000, 24, true);
$hash = strtoupper(bin2hex($hash));
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'hashedpassword' => $hash,
'salt' => $salt,
]);
我无法使用它登录。这是我的密码
$found_salt = DB::table('users')->where('email', 'sicksand@gmail.com')->first();
$salt = $found_salt->salt;
echo "Salt : ".$salt."<br>";
$hash = hash_pbkdf2("sha1", "password", $salt, 1000, 24, true);
$hash = strtoupper(bin2hex($hash));
$userlogin = [
'email' => "icksand@gmail.com",
'hashedpassword' => $hash
];
echo "Hash : ".$hash."<br>";
if(Auth::attempt($userlogin)) {
echo "success";
} else {
echo "not success";
}
$found\u salt=DB::table('users')->where('email','sicksand@gmail.com“)->first();
$salt=$found\u salt->salt;
回声“Salt:.$Salt.”
“;
$hash=hash_pbkdf2(“sha1”,“password”,$salt,1000,24,true);
$hash=strtoupper(bin2hex($hash));
$userlogin=[
'电子邮件'=>“icksand@gmail.com",
'hashedpassword'=>$hash
];
echo“Hash:.$Hash.”
“;
if(Auth::trunt($userlogin)){
呼应“成功”;
}否则{
呼应“不成功”;
}
salt值相同,但哈希值不匹配。希望有人能帮忙。谢谢。在您的第一个代码块中,您可以使用$string而不是$salt值对密码进行加密,但要将$salt存储到数据库中 因此,我认为您需要在第一个代码块中更改这一点:
$hash=hash_pbkdf2(“sha1”,$data['password'],$string,1000,24,true)代码>
到
$hash=hash_pbkdf2(“sha1”,$data['password'],$salt,1000,24,true)代码>