The Symfony/Password-Hasher is a PHP package that is typically used in securing applications. It provides password hashing utilities, granting developers an extra layer of security in their applications. This package allows for the creation and verification of secure hashes of plain passwords, making it an excellent tool to employ in the safeguarding of user data.
To use the Symfony/Password-Hasher, make sure you have composer installed. You can then pull in the package by running $ composer require symfony/password-hasher. Here's a simple usage example:
use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory;
// Configure different password hashers via the factory
$factory = new PasswordHasherFactory([
'common' => ['algorithm' => 'bcrypt'],
'memory-hard' => ['algorithm' => 'sodium'],
]);
// Retrieve the right password hasher by its name
$passwordHasher = $factory->getPasswordHasher('common');
// Hash a plain password
$hash = $passwordHasher->hash('plain'); // returns a bcrypt hash
// Verify that a given plain password matches the hash
$passwordHasher->verify($hash, 'wrong'); // returns false
$passwordHasher->verify($hash, 'plain'); // returns true (valid)
This script first creates a new instance of the PasswordHasherFactory. After, it configures bcrypt for general use and sodium for memory-hard tasks. Then, it retrieves a hasher and uses it to hash and verify a password.
To gain a deeper understanding about the Symfony/Password-Hasher package, the documentation is your best resource. You can access it via the following link: Symfony/Password-Hasher Documentation. This contains comprehensive information on how to use and configure the password hasher to meet your specific needs.
