Sync password #793

Merged
merged 1 commit into from
Sep 27, 2023
18 changes: 9 additions & 9 deletions reference/password/functions/password-hash.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<!-- EN-Revision: 4316a792b72cd8fc0f36a355920a406b6bf123b8 Maintainer: daijie Status: ready -->
<!-- EN-Revision: c6b95280cf10b6b252683ee7d86416c4c27deb4e Maintainer: daijie Status: ready -->
<!-- CREDITS: Luffy, mowangjuanzi -->
<refentry xml:id="function.password-hash" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
<refnamediv>
@@ -281,13 +281,13 @@ $2y$12$QjSH496pcT5CEbzjD/vtVeH03tfHKFy36d4J0Ltp3lRtee9HDxY3K
/**
* 这个示例对服务器做了基准测试(benchmark),检测服务器能承受多高的 cost
* 在不明显拖慢服务器的情况下可以设置最高的值
* 8-10 是个不错的底线,在服务器够快的情况下,越高越好。
* 以下代码目标为 ≤ 50 毫秒(milliseconds),
* 适合系统处理交互登录
* 10 是个不错的底线,在服务器够快的情况下,越高越好。
* 以下代码目标为 ≤ 350 毫秒(milliseconds),
* 对于处理交互式登录的系统来说,这是一个合适的延迟时间
*/
$timeTarget = 0.05; // 50 毫秒(milliseconds)
$timeTarget = 0.350; // 350 毫秒(milliseconds)

$cost = 8;
$cost = 10;
do {
$cost++;
$start = microtime(true);
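Review bot: The updated benchmark comment calls 10 a good baseline and states a ≤ 350 ms target, but with `$cost = 10;` followed by `$cost++;` at the top of the `do` block the first cost that is actually timed is 11, so the stated baseline is never measured. If this mirrors the English source it is fine to keep for the sync, but it is worth raising upstream, for example by starting the loop one lower or saying in the comment that the search begins above the baseline. Minor style point in the same comment: the new last line `对于处理交互式登录的系统来说,这是一个合适的延迟时间` ends without `。`, unlike the baseline sentence above it.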
@@ -302,7 +302,7 @@ echo "Appropriate Cost Found: " . $cost;
&example.outputs.similar;
<screen>
<![CDATA[
Appropriate Cost Found: 10
Appropriate Cost Found: 12
]]>
</screen>
</example>
@@ -335,12 +335,12 @@ Argon2i hash: $argon2i$v=19$m=1024,t=2,p=2$YzJBSzV4TUhkMzc3d3laeg$zqU/1IN0/AogfP
</para>
<para>
就像以上提及的,在 PHP 7.0 提供 <literal>salt</literal>选项会导致废弃(deprecation)警告。
未来的 PHP 发行版里,手动提供盐值的功能可能会被删掉
未来的 PHP 发行版里,手动提供盐值的功能已经在 PHP 8.0 移除
</para>
</caution>
<note>
<para>
在交互的系统上,推荐在自己的服务器上测试此函数,调整 cost 参数直至函数时间开销小于 100 毫秒(milliseconds)。
在交互的系统上,推荐在自己的服务器上测试此函数,调整 cost 参数直至函数时间开销小于 350 毫秒(milliseconds)。
上面脚本的示例会帮助选择合适硬件的最佳 cost。
</para>
</note>
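Review bot: The updated salt sentence in the `<caution>` block contradicts itself: `未来的 PHP 发行版里,手动提供盐值的功能已经在 PHP 8.0 移除` still opens with "in future PHP releases" from the old wording while now saying the feature has already been removed in PHP 8.0. Drop the leading clause and close the sentence, for example `手动提供盐值的功能已在 PHP 8.0 中移除。`. The 100 ms to 350 ms change in the `<note>` below it is consistent with the new `$timeTarget` in the benchmark example.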
19 changes: 10 additions & 9 deletions reference/password/functions/password-needs-rehash.xml
@@ -1,7 +1,6 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<!-- EN-Revision: 39148ec514f3868668483448015e8b97b3265953 Maintainer: daijie Status: ready -->
<!-- Reviewed: no -->
<!-- EN-Revision: ff492e168a557e4dd17574023b7c3cb21b14df3b Maintainer: daijie Status: ready -->
<!-- CREDITS: Luffy -->

<refentry xml:id="function.password-needs-rehash" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
@@ -100,19 +99,21 @@
$password = 'rasmuslerdorf';
$hash = '$2y$10$YCFsG6elYca568hBi2pZ0.3LDL5wjgxct1N8w/oLR/jfHsiQwCqTS';

// 当硬件性能得到改善时,cost 参数可以再修改
$options = array('cost' => 11);
$algorithm = PASSWORD_BCRYPT;
// bcrypt 的成本参数随着硬件的改进而可能发生变化
$options = ['cost' => 12];

// 根据明文密码验证储存的散列
if (password_verify($password, $hash)) {
// 检测是否有更新的可用散列算法
// 或者 cost 发生变化
if (password_needs_rehash($hash, PASSWORD_DEFAULT, $options)) {
// 检查算法或选项是否已经更改
if (password_needs_rehash($hash, $algorithm, $options)) {
// 如果是这样,则创建新散列,替换旧散列
$newHash = password_hash($password, PASSWORD_DEFAULT, $options);
$newHash = password_hash($password, $algorithm, $options);

// 使用 $newHash 更新用户记录
}

// 使用户登录
// 执行登录
}
?>
]]>
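Review bot: Terminology in the new comment `// bcrypt 的成本参数随着硬件的改进而可能发生变化` is inconsistent with the rest of the translation: the password-hash.xml text in this same PR and the comment being replaced here both leave `cost` untranslated ("cost 参数"), and the option key on the next line is `'cost'`, so "成本参数" makes it harder for a reader to connect the comment to the option. Suggest `// bcrypt 的 cost 参数可能随着硬件的改进而变化`. Also note for readers of the example that with `$algorithm = PASSWORD_BCRYPT` the check `password_needs_rehash($hash, $algorithm, $options)` compares against a pinned algorithm rather than `PASSWORD_DEFAULT`; the new comment `检查算法或选项是否已经更改` is accurate, but the surrounding reference text should not still describe this example as detecting a newer default algorithm.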
6 changes: 3 additions & 3 deletions reference/password/functions/password-verify.xml
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision$ -->
<!-- EN-Revision: abc0c909d5a642fbc9008c5ed1a4c3ead5ecb9a2 Maintainer: daijie Status: ready -->
<!-- CREDITS: mowangjuanzi -->
<!-- EN-Revision: ba9021d03c30d208158471c45dc83613e3159edf Maintainer: daijie Status: ready -->
<!-- CREDITS: mowangjuanzi, Luffy -->
<refentry xml:id="function.password-verify" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
<refnamediv>
<refname>password_verify</refname>
@@ -70,7 +70,7 @@
<![CDATA[
<?php
// 想知道以下字符从哪里来,可参见 password_hash() 示例
$hash = '$2y$07$BCryptRequires22Chrcte/VlQH0piJtjXl.0t1XkA8pw9dMXTpOq';
$hash = '$2y$10$.vGA1O9wmRjrwAVXD98HNOgsNpDczlqm3Jq7KnEd1rVAGv3Fykk1a';

if (password_verify('rasmuslerdorf', $hash)) {
echo 'Password is valid!';
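Review bot: The comment above `$hash` sends readers to the password_hash() examples for the origin of the string, so the new `$2y$10$` value must match an output actually shown in password-hash.xml; the only hash from that file visible in this PR is a `$2y$12$` one (the context of the hunk at line 281). Please confirm that the referenced example output carries this exact string, otherwise the cross-reference misleads. Moving the sample from a cost of 07 to 10 is in line with the baseline of 10 stated in the benchmark comment.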