Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Laravel D7 Password
Readme

Laravel D7 Password Laravel Package

selfsimilar/laravel-d7-password

View on GitHub
Deep Wiki
Context7

Laravel Drupal 7 Password

Build Status

This Laravel 8 package provides an easy way to create and check against Drupal 7 password hashes. Drupal is not required.

Installation

Step 1: Composer

Begin by installing this package through Composer. Edit your project's composer.json file to require selfsimilar/laravel-d7-password.

"require": {
  "selfsimilar/laravel-d7-password": "~0.1.2"
}

Next, update Composer from the Terminal:

composer update

Step 2: Register Laravel Service Provider

Once this operation completes, the final step is to register the service provider.

  • Laravel 5-8.x: Open config/app.php, and add a new item to the providers array
'Selfsimilar\D7Password\D7PasswordProvider'

Usage

Add a use statement for the D7Password facade

use Selfsimilar\D7Password\Facades\D7Password;

make() - Create Password Hash

Similar to the Drupal user_hash_password() function

$hashed_password = D7Password::make('plain-text-password');

check() - Check Password Hash

Similar to the Drupal user_check_password() function

$password = 'plain-text-password';
$d7_hashed_password = '$S$B7TRc6vrwCfjgKLZLgmN.dmPo6msZR.';

if ( D7Password::check($password, $d7_hashed_password) ) {
    // Password success!
} else {
    // Password failed :(
}

Dependency Injection

I used a facade above to simplify the documentation. If you'd prefer not to use the facade, you can inject the following interface: Selfsimilar\D7Password\Contracts\D7Password.

Recommendations

While you could in principle register and use the D7PasswordHasher as the default hasher and leave the passwords alone, you can also update the passwords to the better and more secure Laravel default Bcrypt algorithm. When authenticating, first check using the default hasher, and if that fails, check again with the Drupal 7 Hasher. If that succeeds, simply update the password hash for future logins.

As an example, assuming you have a fresh Laravel 8 application using Fortify (or Jetstream which uses Fortify), make the following changes to app/Providers/FortifyServiceProvider.php.

Import the following:

use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Selfsimilar\D7Password\Facades\D7Password as D7Hash;

Add this to the boot() method:

Fortify::authenticateUsing(function (Request $request) {
  $user = User::where('email', $request->email)->first();

  if ($user) {
    if (Hash::check($request->password, $user->password)) {
      return $user;
    }
    else {
      if (D7Hash::check($request->password, $user->password)) {
        $user->update(['password' => Hash::make($request->password)]);
        return $user;
      }
    }
  }
});
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
nasirkhan/laravel-sharekit
directorytree/privacy-filter-classifier
directorytree/privacy-filter
datacore/hub-sdk
develia/commons
cuci/prototurk-sdk
cuci/prototurk-sdk-symfony
develia/geo-bundle
dreamzy/livewire-charts
touchestate-sdk/php-sdk
22h/doctrine-garbage-collection-bundle
agtp/agtp-php
agtp/mod-php
splash/sonata-admin
splash/metadata
splash/openapi
splash/scopes
splash/toolkit
testo/output-teamcity
testo/bridge-symfony