Adaption of PHPPass (0.3) for use as a CodeIgniter Bcrypt library.
Allowed for the use of a separate config file, adjusted for some CodeIgniter configurability, added the scope of functions, changed hashing and checking functions to meet CodeIgniter standards for function names.
- Place
Bcrypt.phpin yourapplication/librariesfolder. - Place
bcrypt.phpin yourapplication/configfolder. - Adjust options in the config file as neccessary.
First, load the Bcrypt library or autoload it in config/autoload.php.
$this->load->library('bcrypt');
To hash a password, simply pass the string to hash_password().
$password = 'hunter2';
$hash = $this->bcrypt->hash_password($password);
The function will return the hashed password or * on error.
To check a hash password, simply pass the string and stored password to check_password().
$password = 'hunter2';
if ($this->bcrypt->check_password($password, $stored_hash))
{
// Password does match stored password.
}
else
{
// Password does not match stored password.
}
The function will return TRUE or FALSE dependant on success.
//For the model
function getUserByLogin($login, $password) {
$this->db->where('login',$login);
$result = $this->getUsers($password);
if (!empty($result)) {
return $result;
} else {
return null;
}
}
function getUsers($password) { $query = $this->db->get('users');
if ($query->num_rows() > 0) {
$result = $query->row_array();
if ($this->bcrypt->check_password($password, $result['password'])) {
//We're good
return $result;
} else {
//Wrong password
return array();
}
} else {
return array();
}
}