interface PasswordInterface

Same name and namespace in other branches
  1. 9 core/lib/Drupal/Core/Password/PasswordInterface.php \Drupal\Core\Password\PasswordInterface
  2. 8.9.x core/lib/Drupal/Core/Password/PasswordInterface.php \Drupal\Core\Password\PasswordInterface
  3. 11.x core/lib/Drupal/Core/Password/PasswordInterface.php \Drupal\Core\Password\PasswordInterface

Secure password hashing functions for user authentication.

Hierarchy

Expanded class hierarchy of PasswordInterface

All classes that implement PasswordInterface

6 files declare their use of PasswordInterface
EntityUser.php in core/modules/user/src/Plugin/migrate/destination/EntityUser.php
PasswordItemTest.php in core/tests/Drupal/KernelTests/Core/Field/FieldType/PasswordItemTest.php
PasswordVerifyTest.php in core/modules/phpass/tests/src/Unit/PasswordVerifyTest.php
PhpPasswordTest.php in core/tests/Drupal/Tests/Core/Password/PhpPasswordTest.php
UserAuth.php in core/modules/user/src/UserAuth.php

... See full list

File

core/lib/Drupal/Core/Password/PasswordInterface.php, line 8

Namespace

Drupal\Core\Password
View on git.drupalcode.org
View source 
interface PasswordInterface {
  
  /**
   * Maximum password length.
   */
  const PASSWORD_MAX_LENGTH = 512;
  
  /**
   * Hash a password using a secure hash.
   *
   * @param string $password
   *   A plain-text password.
   *
   * @return string
   *   A string containing the hashed password, or FALSE on failure.
   */
  public function hash(#[\SensitiveParameter] $password);
  
  /**
   * Check whether a plain text password matches a hashed password.
   *
   * @param string $password
   *   A plain-text password.
   * @param string|null $hash
   *   A hashed password.
   *
   * @return bool
   *   TRUE if the password is valid, FALSE if not.
   */
  public function check(#[\SensitiveParameter] $password, #[\SensitiveParameter] $hash);
  
  /**
   * Check whether a hashed password needs to be replaced with a new hash.
   *
   * This is typically called during the login process in order to trigger the
   * rehashing of the password, as in that stage, the plain text password is
   * available.
   *
   * This method returns TRUE if the password was hashed with an older
   * algorithm.
   *
   * @param string|null $hash
   *   The hash to be checked.
   *
   * @return bool
   *   TRUE if the hash is outdated and needs rehash.
   */
  public function needsRehash(#[\SensitiveParameter] $hash);

}

Members

Title Modifiers Object type Summary Overrides
PasswordInterface::check public function Check whether a plain text password matches a hashed password. 2
PasswordInterface::hash public function Hash a password using a secure hash. 2
PasswordInterface::needsRehash public function Check whether a hashed password needs to be replaced with a new hash. 2
PasswordInterface::PASSWORD_MAX_LENGTH constant Maximum password length.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.