ARGON2I password hashing

25 Sep
Laraship QuestionsCategory: TechnicalARGON2I password hashing
0 Vote Up Vote Down
st3fan asked 5 years ago
The default hashing is bcrypt, and as far as I can see the function password_hash does exist. Are we able to change the hashing to argon2i?
2 Answers
0 Vote Up Vote Down
laraship Staff answered 5 years ago
Hello, The default hashing driver for your application is configured in the config/hashing.php configuration file. There are currently three supported drivers: Bcrypt and Argon2 (Argon2i and Argon2id variants).   if hashing file is not there you can download it from here https://raw.githubusercontent.com/laravel/laravel/master/config/hashing.php  
Stefan Warmerdam replied 5 years ago

Hi,

There is no hashing.php in the config directory, can I safely copy the file and put it in there?

thoughts?

Stefan Warmerdam replied 5 years ago

also what about this function:

public function setPasswordAttribute($value)
{
$this->attributes[‘password’] = bcrypt($value);
}

this is in Corals/core/User/Models/User.php

Stefan Warmerdam replied 5 years ago

For testing I change the following driver hardcode to argon2id inside the bcrypt function, only then it will work.

if (! function_exists(‘bcrypt’)) {
/**
* Hash the given value against the bcrypt algorithm.
*
* @param string $value
* @param array $options
* @return string
*/
function bcrypt($value, $options = [])
{
return app(‘hash’)->driver(‘argon2id’)->make($value, $options);
}
}

vendor/laravel/framework/src/Illuminate/Foundation/helpers.php

Can you tell me best practice?

0 Vote Up Vote Down
laraship Staff answered 5 years ago
Hello, You're right, looks like bcrypt is supported for now, we will add this feature to our road map
Newer I need to call my created api through Subscribtion mddule
Older please explain how to add new module in laraship on user side