This package automates the common password Hash::needsRehash routine by hooking into the built-in event system.
When a user register, Laravel uses bcrypt algorithm with a cost factor of 10 to hash passwords.
The problem is when you change the default hashing algorithm or
when Laravel eventually changes the default algorithm to argon2i
or PHP recommended PASSWORD_DEFAULT constant changes, and you want to keep up
or simply want to upgrade the cost factor of bcrypt; your changes will only be reflected on newly registered users or when existing users change their password.
You have to implement a common routine task to upgrade users' password hash by checking Hash::needsRehash whenever the user provides a valid credential.
- PHP 7.2 or greater and 8.0.2 or greater
- Laravel 6.x || 7.x || 8.x || 9.x || 10.x
composer require samasend/laravel-needs-auto-rehashThat's it, you just need to install the package. 🚀
- This magical package listen for the built-in
Illuminate\Auth\Events\Attemptingevent fired from the framework and validate the credentials using the built-in infrastructure. - If the user password needs rehashing, it will rehash the password and update the model.
Fork it
Create your feature branch (git checkout -b my-new-feature)
Commit your changes (git commit -am 'Add some feature')
Push to the branch (git push origin my-new-feature)
Create new Pull Request