* // Create a Bcrypt hash of a value * $hash = Hasher::hash('secret'); * * // Use a specified number of iterations when creating the hash * $hash = Hasher::hash('secret', 12); * * * @param string $value * @param int $rounds * @return string */ public static function hash($value, $rounds = 8) { return crypt($value, '$2a$'.str_pad($rounds, 2, '0', STR_PAD_LEFT).'$'.static::salt()); } /** * Determine if an unhashed value matches a given Bcrypt hash. * * Since the number of rounds is included in the Bcrypt hash, it is not * necessary to specify the rounds when calling this method. * * @param string $value * @param string $hash * @return bool */ public static function check($value, $hash) { return crypt($value, $hash) === $hash; } /** * Get a salt for use during Bcrypt hashing. * * @return string */ protected static function salt() { // If OpenSSL is installed, we will use it to gather random bytes for generating // the salt value. Otherwise, we will use the Str::random method. Bcrypt expects // the salt to be a 22 character alpha-numeric string. The salt may also contain // dots, plus signs, and forward slashes. if (function_exists('openssl_random_pseudo_bytes')) { return substr(strtr(base64_encode(openssl_random_pseudo_bytes(16)), '+', '.'), 0 , 22); } return substr(str_replace('+', '.', base64_encode(Str::random(40))), 0, 22); } }