/**
* checking a password against a hash
*
* @param string $password Password
* @param string $hash Hash of stored password
* @param string $email
* @return bool
*/
function check($password, $hash, $email = '')
{
Timers::start('hash_check');
$password = $this->salt($password, $email);
if (PASSWORD_HASH == 'PBKDF2') {
$return = $this->pbkdf2_check($password, $hash, PBKDF2_SALT, PBKDF2_BINARY, PBKDF2_ITERATIONS, PBKDF2_KEY_LENGTH, PBKDF2_ALGORITHM);
} else {
if (PASSWORD_HASH == 'bcrypt') {
$return = $this->bcrypt_check($password, $hash);
} else {
if (PASSWORD_HASH == 'scrypt') {
$return = $this->scrypt_check($password, $hash, SCRYPT_PEPPER, SCRYPT_KEY_LENGTH);
}
}
}
Timers::stop('hash_check');
return $return;
}
