public static function verifyHashedPassword($user, $passwordGiven)
{
$bcrypt = new \Zend\Crypt\Password\Bcrypt(array('cost' => 10));
return $bcrypt->verify($passwordGiven, $user->getPassword());
}
<?php
return array('doctrine' => array('driver' => array('MyDoctrineAuth_Entities' => array('class' => 'Doctrine\\ORM\\Mapping\\Driver\\AnnotationDriver', 'cache' => 'array', 'paths' => array(__DIR__ . '/../src/MyDoctrineAuth/Entity')), 'orm_default' => array('drivers' => array('MyDoctrineAuth\\Entity' => 'MyDoctrineAuth_Entities'))), 'authentication' => array('orm_default' => array('object_manager' => 'Doctrine\\ORM\\EntityManager', 'identity_class' => 'MyDoctrineAuth\\Entity\\User', 'identity_property' => 'email', 'credential_property' => 'password', 'credential_callable' => function (\MyDoctrineAuth\Entity\User $user, $passwordGiven) {
// using Bcrypt
$bcrypt = new \Zend\Crypt\Password\Bcrypt();
$bcrypt->setSalt('m3s3Cr3tS4lty34h');
// $passwordGiven is unhashed password that inputted by user
// $user->getPassword() is hashed password that saved in db
return $bcrypt->verify($passwordGiven, $user->getPassword());
}))), 'doctrine_factories' => array('authenticationadapter' => 'MyDoctrineAuth\\Factory\\Authentication\\AdapterFactory'), 'service_manager' => array('factories' => array('Zend\\Authentication\\AuthenticationService' => function ($serviceManager) {
return $serviceManager->get('doctrine.authenticationservice.orm_default');
}), 'invokables' => array('MySampleListener' => 'MyDoctrineAuth\\Event\\MySampleListener')), 'controllers' => array('factories' => array('MyDoctrineAuth\\Controller\\Auth' => function ($controller) {
$authController = new \MyDoctrineAuth\Controller\AuthController($controller->getServiceLocator()->get('Zend\\Authentication\\AuthenticationService'));
return $authController;
})), 'router' => array('routes' => array('auth' => array('type' => 'Literal', 'options' => array('route' => '/auth', 'defaults' => array('__NAMESPACE__' => 'MyDoctrineAuth\\Controller', 'controller' => 'Auth', 'action' => 'index')), 'may_terminate' => true, 'child_routes' => array('process' => array('type' => 'Segment', 'options' => array('route' => '/[:action]', 'constraints' => array('controller' => '[a-zA-Z][a-zA-Z0-9_-]*', 'action' => '[a-zA-Z][a-zA-Z0-9_-]*'), 'defaults' => array())))), 'save-user' => array('type' => 'Literal', 'options' => array('route' => '/auth/save-user', 'defaults' => array('__NAMESPACE__' => 'MyDoctrineAuth\\Controller', 'controller' => 'Auth', 'action' => 'saveUser')), 'may_terminate' => true, 'child_routes' => array('process' => array('type' => 'Segment', 'options' => array('route' => '/[:action]', 'constraints' => array('controller' => '[a-zA-Z][a-zA-Z0-9_-]*', 'action' => '[a-zA-Z][a-zA-Z0-9_-]*'), 'defaults' => array())))), 'login' => array('type' => 'Literal', 'options' => array('route' => '/login', 'defaults' => array('__NAMESPACE__' => 'MyDoctrineAuth\\Controller', 'controller' => 'Auth', 'action' => 'login')), 'may_terminate' => true, 'child_routes' => array('process' => array('type' => 'Segment', 'options' => array('route' => '/[:action]', 'constraints' => array('controller' => '[a-zA-Z][a-zA-Z0-9_-]*', 'action' => '[a-zA-Z][a-zA-Z0-9_-]*'), 'defaults' => array())))))), 'view_manager' => array('template_path_stack' => array('auth' => __DIR__ . '/../view')));
<?php
/**
* Global Configuration Override
*
* You can use this file for overriding configuration values from modules, etc.
* You would place values in here that are agnostic to the environment and not
* sensitive to security.
*
* @NOTE: In practice, this file will typically be INCLUDED in your source
* control, so do not include passwords or other sensitive information in this
* file.
*/
return array('phpSettings' => array('display_startup_errors' => true, 'display_errors' => true, 'date.timezone' => 'Europe/Paris', 'intl.default_locale' => 'fr_FR'), 'doctrine' => array('entitymanager' => array('orm_default' => array('connection' => 'orm_default', 'configuration' => 'orm_default')), 'configuration' => array('orm_default' => array('proxy_dir' => __DIR__ . '/../../data/orm/proxies', 'proxy_namespace' => 'Orm\\Resource\\Proxy', 'generate_proxies' => false, 'metadata_cache' => 'array', 'query_cache' => 'array', 'result_cache' => 'array', 'driver' => 'orm_default')), 'authentication' => array('orm_default' => array('object_manager' => 'Doctrine\\ORM\\EntityManager', 'identity_class' => 'Application\\Entity\\User', 'identity_property' => 'email', 'credential_property' => 'password', 'credential_callable' => function ($identity, $credential) {
$bCrypt = new \Zend\Crypt\Password\Bcrypt();
return $bCrypt->verify($credential, $identity->getPassword());
}))), 'translator' => array('locale' => 'fr_FR', 'translation_file_patterns' => array(array('type' => 'phparray', 'base_dir' => __DIR__ . '/../../language', 'pattern' => '%s.php'))));
protected function verifyPassword($password, $hash)
{
$bcrypt = new \Zend\Crypt\Password\Bcrypt();
return $bcrypt->verify($password, $hash);
}
/**
* Verify Secured Password
*
* @return boolean
*/
public static function verifySecuredPassword($password, $securedPassword)
{
self::$bcrypt = self::init();
return self::$bcrypt->verify($password, $securedPassword);
}