public PhpassHashedPassword::needsRehash($hash)
Check whether a hashed password needs to be replaced with a new hash.
This is typically called during the login process when the plain text password is available. A new hash is needed when the desired iteration count has changed by a modification of the password-service in the dependency injection container or if the user's password hash was generated in an update like user_update_7000() (see the Drupal 7 documentation).
Parameters
string $hash: The existing hash to be checked.
Return value
bool TRUE if the hash is outdated and needs rehash.
Overrides PasswordInterface::needsRehash
File
- core/lib/Drupal/Core/Password/PhpassHashedPassword.php, line 257
Class
- PhpassHashedPassword
- Secure password hashing functions based on the Portable PHP password hashing framework.
Namespace
Drupal\Core\Password
Code
public function needsRehash($hash) { // Check whether this was an updated password. if ((substr($hash, 0, 3) != '$S$') || (strlen($hash) != static::HASH_LENGTH)) { return TRUE; } // Ensure that $count_log2 is within set bounds. $count_log2 = $this->enforceLog2Boundaries($this->countLog2); // Check whether the iteration count used differs from the standard number. return ($this->getCountLog2($hash) !== $count_log2); }
Please login to continue.