Replace Laravel’s Default Password Hash (Bcrypt) with Base64 Encode

the-best-password-managers-of-2017_rjb7

Laravel is one of the most popular Framework used for developing web applications and console based applications using PHP. Default password hashing used in Laravel is bcrypt. When you think about using another password hash mechanism, you will see, it is very easy to implemen since Laravel provides facility to create service providers easily. This below example gives an insight on how to create a service provider which replace the default password hash with Base64 Encode.

To start with we will create a class and write our password hash logic here. Here i created this class and placed in app/Lib folder . The class uses the App/Lib/CustomHash namespace. You can place the class inside any of the directories inside “app” folder and put an approprite namespace. This is the beauty of this framework which helps to create directory structure as per our choice. Composer will take care of the “autoloading” operation.

I have the following code block placed in my CustomHasher.php file.


namespace App\Libs\CustomHash;
use Illuminate\Contracts\Hashing\Hasher as HasherContract;
class CustomHasher implements HasherContract {
/**
* Hash the given value
* @param string $value
* @return array $options
* @return string
*/
public function make($value, array $options = array()) {
return base64_encode($value);
}
/**
* Check the given plain value against a hash.
*
* @param string $value
* @param string $hashedValue
* @param array $options
* @return bool
*/
public function check($value, $hashedValue, array $options = array()) {
return $this->make($value) === $hashedValue;
}
/**
* Check if the given hash has been hashed using the given options.
*
* @param string $hashedValue
* @param array $options
* @return bool
*/
public function needsRehash($hashedValue, array $options = array()) {
return false;
}
}

In the above code, you can see the class actually implements “HasherContract” which is a contract to the hash service offered by Laravel.
Actual password hash resides in the make() method . I have used the base64_encode() function as the password hash. Now our password hash service is ready. We can offer this feature as a service to other application logic. We can achive this by creating a service provider.

Here i create a filder CustomHashServiceProvider.php inside app/Providers directory. Code inside the CustomHashServiceProvider.php file as follows:


namespace App\Providers;
use Illuminate\Hashing\HashServiceProvider;
use App\Libs\CustomHash\CustomHasher as CustomHasher;
class CustomHashServiceProvider extends HashServiceProvider
{
public function register()
{
$this->app->singleton('hash', function () {
return new CustomHasher;
}
}

From the above code, register() method binds the CustomHasher class with the service container and makes it available to the other part of the application. Next we should add this service in our app config file. Modify the app.php file inside config directory.
In the providers array, remove or comment following line .

Illuminate\Hashing\HashServiceProvider::class,

Add below line of code.

App\Providers\CustomHashServiceProvider::class

Now the default password hash method is replaced by the base64_encode function through our service and we are done !

You can see the implementation in GitHub

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s