cost and algorithm - Githubissues

nette / security

🔑 Provides authentication, authorization and a role-based access control management via ACL (Access Control List)

https://doc.nette.org/access-control

Other

357 stars 40 forks source link

cost and algorithm #31

Closed elcheco closed 6 years ago

elcheco commented 6 years ago

Version: latest

Bug Description

It's not a critical bug, but in hash method is used PASSWORD_DEFAULT constant and in needsRehash method is PASSSWORD_BCRYPT, it could maybe produce on php.ini settings some issues.

Also, the cost option is since PHP 7.0 deprecated.

As there's a possibility to use PASSWORD_ARGON2Isince PHP 7.2, maybe the algorithm could be part of the method's input parameters?

I could try to implement it if you want and agree.

dg commented 6 years ago

I fixed needsRehash.

Deprecated is salt, not cost.

This should be changed from static to object class and then used method can be passed to constructor.

elcheco commented 6 years ago

True 😄 🙈, thanks