README

This package automates the common password Hash::needsRehash routine by hooking into the built-in event system.

Use case

When a user register, Laravel uses bcrypt algorithm with a cost factor of 10 to hash passwords.

The problem is when you change the default hashing algorithm or when Laravel eventually changes the default algorithm to argon2i or PHP recommended PASSWORD_DEFAULT constant changes, and you want to keep up or simply want to upgrade the cost factor of bcrypt; your changes will only be reflected on newly registered users or when existing users change their password.

You have to implement a common routine task to upgrade users' password hash by checking Hash::needsRehash whenever the user provides a valid credential.

Prerequisites

• PHP 7.2 or greater and 8.0.2 or greater
• Laravel 6.x || 7.x || 8.x || 9.x || 10.x

Installation

composer require samasend/laravel-needs-auto-rehash

Basic Usage

That's it, you just need to install the package. 🚀

How does this works?

• This magical package listen for the built-in Illuminate\Auth\Events\Attempting event fired from the framework and validate the credentials using the built-in infrastructure.
• If the user password needs rehashing, it will rehash the password and update the model.

Contributing

Fork it
Create your feature branch (git checkout -b my-new-feature)
Commit your changes (git commit -am 'Add some feature')
Push to the branch (git push origin my-new-feature)
Create new Pull Request