abstract class BasePasswordEncoder implements PasswordEncoderInterface

BasePasswordEncoder is the base class for all password encoders.

Constants

MAX_PASSWORD_LENGTH

Methods

array
demergePasswordAndSalt(string $mergedPasswordSalt)

Demerges a merge password and salt string.

string
mergePasswordAndSalt(string $password, string $salt)

Merges a password and a salt.

bool
comparePasswords(string $password1, string $password2)

Compares two passwords.

bool
isPasswordTooLong(string $password)

Checks if the password is too long.

Details

at line 30
protected array demergePasswordAndSalt(string $mergedPasswordSalt)

Demerges a merge password and salt string.

Parameters

string $mergedPasswordSalt The merged password and salt string

Return Value

array An array where the first element is the password and the second the salt

at line 58
protected string mergePasswordAndSalt(string $password, string $salt)

Merges a password and a salt.

Parameters

string $password The password to be used
string $salt The salt to be used

Return Value

string a merged password and salt

Exceptions

InvalidArgumentException

at line 82
protected bool comparePasswords(string $password1, string $password2)

Compares two passwords.

This method implements a constant-time algorithm to compare passwords to avoid (remote) timing attacks.

Parameters

string $password1 The first password
string $password2 The second password

Return Value

bool true if the two passwords are the same, false otherwise

at line 94
protected bool isPasswordTooLong(string $password)

Checks if the password is too long.

Parameters

string $password The password to check

Return Value

bool true if the password is too long, false otherwise