public function PhpassHashedPassword::needsRehash
public PhpassHashedPassword::needsRehash($hash)
Check whether a hashed password needs to be replaced with a new hash.
This is typically called during the login process when the plain text password is available. A new hash is needed when the desired iteration count has changed by a modification of the password-service in the dependency injection container or if the user's password hash was generated in an update like user_update_7000() (see the Drupal 7 documentation).
Parameters
string $hash: The existing hash to be checked.
Return value
bool TRUE if the hash is outdated and needs rehash.
Overrides PasswordInterface::needsRehash
File
- core/lib/Drupal/Core/Password/PhpassHashedPassword.php, line 257
Class
- PhpassHashedPassword
- Secure password hashing functions based on the Portable PHP password hashing framework.
Namespace
Drupal\Core\PasswordCode
public function needsRehash($hash) { // Check whether this was an updated password. if ((substr($hash, 0, 3) != '$S$') || (strlen($hash) != static::HASH_LENGTH)) { return TRUE; } // Ensure that $count_log2 is within set bounds. $count_log2 = $this->enforceLog2Boundaries($this->countLog2); // Check whether the iteration count used differs from the standard number. return ($this->getCountLog2($hash) !== $count_log2); }
© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Core!Password!PhpassHashedPassword.php/function/PhpassHashedPassword::needsRehash/8.1.x