一,使用bcrypt實現加密和驗證的php代碼:
class Auth extends BaseController { /* *測試用bcrypt方式驗證密碼 * *@return \think\Response * */ public function testPass() { //原始密碼 $origPass = "123456"; echo "origPass:".$origPass.":<br/>"; //加密 $bcryptPass = password_hash($origPass, PASSWORD_DEFAULT); echo "password:".$bcryptPass.":<br/>"; //判斷密碼是否匹配 if (password_verify($origPass,$bcryptPass)) { echo "密碼正確"; } else { echo "密碼錯誤"; } echo "<br/>"; if (password_verify("123321",$bcryptPass)) { echo "密碼正確"; } else { echo "密碼錯誤"; } } }
說明:劉宏締的架構森林是一個專注架構的博客,
網站:https://blog.imgtouch.com
本文: https://blog.imgtouch.com/index.php/2023/05/29/thinkphp6-yong-bcrypt-jia-mi-sheng-cheng-mi-ma-php-8-1-1/
對應的源碼可以訪問這里獲取: https://github.com/liuhongdi/
或: https://gitee.com/liuhongdi
說明:作者:劉宏締 郵箱: 371125307@qq.com
二,測試bcrypt效果
訪問:
http://192.168.219.6:8000/auth/testpass
返回:
刷新:
多刷新兩次,可以發現每次加密后的密文都不一樣,這樣就加大了破解和碰撞的難度
三,查看php和thinkphp的版本:
php:
liuhongdi@lhdpc:/data/php/admapi$ php --version
PHP 8.1.1 (cli) (built: Dec 20 2021 16:12:16) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.1, Copyright (c) Zend Technologies
with Zend OPcache v8.1.1, Copyright (c), by Zend Technologies
thinkphp:
liuhongdi@lhdpc:/var/www/html$ cd /data/php/admapi/ liuhongdi@lhdpc:/data/php/admapi$ php think version v6.0.10LTS