function PhpassHashedPasswordBase::needsRehash
Same name and namespace in other branches
- 11.x core/lib/Drupal/Core/Password/PhpassHashedPasswordBase.php \Drupal\Core\Password\PhpassHashedPasswordBase::needsRehash()
Check whether a hashed password needs to be replaced with a new hash.
This is typically called during the login process in order to trigger the rehashing of the password, as in that stage, the plain text password is available.
This method returns TRUE if the password was hashed with an older algorithm.
Parameters
string|null $hash: The hash to be checked.
Return value
bool TRUE if the hash is outdated and needs rehash.
Overrides PasswordInterface::needsRehash
File
-
core/
lib/ Drupal/ Core/ Password/ PhpassHashedPasswordBase.php, line 308
Class
- PhpassHashedPasswordBase
- Legacy password hashing framework.
Namespace
Drupal\Core\PasswordCode
public function needsRehash(#[\SensitiveParameter] $hash) {
if (isset($this->corePassword)) {
return $this->corePassword
->needsRehash($hash);
}
// Check whether this was an updated password.
if (!str_starts_with($hash, '$S$') || strlen($hash) != static::HASH_LENGTH) {
return TRUE;
}
// Ensure that $count_log2 is within set bounds.
// @phpstan-ignore-next-line
$count_log2 = $this->enforceLog2Boundaries($this->countLog2);
// Check whether the iteration count used differs from the standard number.
return $this->getCountLog2($hash) !== $count_log2;
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.