Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
Compare Two Encrypted Bcrypt Passwords in Laravel
In Laravel, you can make use of the Hash facade module to work with passwords. It has bcrypt for helping you store your passwords securely.
The Hash facade bcrypt() method is a powerful way to hash a password. It prevents malicious users from breaking the password generated using bcrypt().
The hashing details are available inside config/hashing.php. The default driver has bcrypt() as the hashing to be used.
Hashing Passwords
To work with Hash Facade you need to include the class:
Illuminate\Support\Facades\Hash
Example
To hash passwords you can use the make() method. Here is an example of a hash password
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Models\Student; use Illuminate\Support\Facades\Hash; class StudentController extends Controller { public function index() { echo $hashed = Hash::make('password', [ 'rounds' => 15, ]); } }
Output
The output of the above code is
$2y$15$QKYQhdKcDSsMmIXZmwyF/.sihzQDhxtgF5WNiy4fdocNm6LiVihZi
Verifying if the password matches with a hashed password
To verify the plain text i.e the text used in Hash::make is matching with the hashed one is to use check() method.
The check() method returns true if the plain text matches the hashed password and false if it's not matching.
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Models\Student; use Illuminate\Support\Facades\Hash; class StudentController extends Controller { public function index() { $hashed = Hash::make('password', [ 'rounds' => 15, ]); if (Hash::check('password', $hashed)) { echo "Password matching"; } else { echo "Password is not matching"; } } }
Output
The output of the above code is
Password matching
Using the check() method
Let us now test by giving the wrong plain text and see the check() method response.
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Models\Student; use Illuminate\Support\Facades\Hash; class StudentController extends Controller { public function index() { $hashed = Hash::make('password', [ 'rounds' => 15, ]); if (Hash::check('password123', $hashed)) { echo "Password matching"; } else { echo "Password is not matching"; } } }
The plain text that we used in hashing is "password". Inside the check method, we used "password123", since the text is not matching with hashed text it gives the output "Password is not matching".
Output
When you execute inside the browser the output will be -
Password is not matching
Hashing the password twice
Let us now hash the same text twice and compare it in the check() method ?
$testhash1 = Hash::make('mypassword'); $testhash2 = Hash::make('mypassword'); if (Hash::check('mypassword', $testhash1) && Hash::check('mypassword', $testhash2)) { echo "Password matching"; } else { echo "Password not matching"; }
You can test the complete code in the browser as shown below ?
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Models\Student; use Illuminate\Support\Facades\Hash; class StudentController extends Controller { public function index() { $testhash1 = Hash::make('mypassword'); $testhash2 = Hash::make('mypassword'); if (Hash::check('mypassword', $testhash1) && Hash::check('mypassword', $testhash2)) { echo "Password matching"; } else { echo "Password not matching"; } } }
Output
The output of the above code is ?
Password matching
Using the bcrypt() method
You can also try using the bcrypt() method and test the plain text with hashed one using Hash::check().
<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Models\Student; use Illuminate\Support\Facades\Hash; class StudentController extends Controller { public function index() { $hashedtext = bcrypt('mypassword'); if (Hash::check('mypassword', $hashedtext)) { echo 'Password matches'; } else{ echo 'Password not matching'; } } }
Output
The output of the above code is -
Password matches
7K+ Views
