/** * Manually encrypt password * * @param string $password * @param string $salt * * @return string|bool Returns false on failure, encrypted string otherwise */ public function encryptPassword($password, $salt = null) { if (!is_string($this->password_encryption) && is_callable($this->password_encryption)) { $e = $this->password_encryption; return $e($password, $salt); } if ($this->password_encryption) { $this->debug("Encrypting password: '******' with " . $this->password_encryption . ' salt=' . $salt); } switch ($this->password_encryption) { case null: return $password; case 'php': // returns false on failure return password_hash($password, $this->hash_algo, $this->hash_options); case 'sha256/salt': if ($salt === null) { throw $this->exception('sha256 requires salt (2nd argument to encryptPassword and is normaly an email)'); } $key = $this->app->getConfig('auth/key', $this->app->name); if ($this->password_encryption) { $this->debug('Using key ' . $key); } return hash_hmac('sha256', $password . $salt, $key); case 'sha1': return sha1($password); case 'md5': return md5($password); case 'rot13': return str_rot13($password); default: throw $this->exception('No such encryption method')->addMoreInfo('encryption', $this->password_encryption); } }