Hashing

Lithe offers a security module called Hash with methods to create and verify hashes of sensitive data using the Bcrypt algorithm. Bcrypt is widely recognized for its security and efficiency in protecting passwords and other sensitive data.

Using Hash

Creating a Hash

You can create a hash from a string using the make method provided by Lithe's Hash security module. All hashes are generated using the Bcrypt algorithm.

use Lithe\Http\Request;
use Lithe\Http\Response;
use Lithe\Support\Security\Hash;
use function Lithe\Orbs\Http\Router\{get, post, route};

post('/user/register', function (Request $req, Response $res) {
    // Creating a hash for the 'password' field from the request body
    $hashedPassword = Hash::make($req->input('password'));

    // ...

    // Returning the response
    return $res->send("User registered successfully!");
});

Verifying a Hash

You can check if a string matches a hash using the check method provided by Lithe's Hash security module.

use Lithe\Support\Security\Hash;

$valid = Hash::check($plainPassword, $hashedPassword);

If the string matches the provided hash, the method returns true. Otherwise, it returns false.

Rehashing a Value

You can check whether a hash needs rehashing, for example because the required cost has changed, using the needsRehash method provided by Lithe's Hash security module. The method only reports the result; the new hash itself is created with make.

use Lithe\Support\Security\Hash;

$needsRehash = Hash::needsRehash($hashedPassword, ['cost' => 12]);

If the hash needs rehashing, the method returns true. Otherwise, it returns false.

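To handle rehashing appropriately, check whether the stored hash needs rehashing and, if it does, create a new hash and update the stored value. Creating the new hash requires the plain-text password, so do this right after a successful Hash::check at login, the only point where the plain text is available.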

use Lithe\Support\Security\Hash;

if (Hash::needsRehash($hashedPassword, ['cost' => 12])) {
    $newHashedPassword = Hash::make($plainPassword, ['cost' => 12]);
    // Update the hash stored in the database
}
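
The check and rehash steps above combined into one login flow, as an added example that is not part of Lithe's own documentation or code. It assumes Lithe is installed through Composer; the `login` function, the `TARGET_OPTIONS` constant, the in-memory `$users` array and the sample account are hypothetical and constructed for illustration.

```php
<?php
// Added example, not Lithe's own code. Assumes Lithe is installed via Composer.
require __DIR__ . '/vendor/autoload.php';

use Lithe\Support\Security\Hash;

// Hypothetical current policy: every stored hash should use cost 12.
const TARGET_OPTIONS = ['cost' => 12];

/**
 * Verify a login and, only on success, upgrade the stored hash if it was
 * created with options other than TARGET_OPTIONS.
 * $users is a constructed in-memory stand-in for a users table
 * (email => stored hash), passed by reference so the update persists.
 */
function login(array &$users, string $email, string $plainPassword): bool
{
    $stored = $users[$email] ?? null;
    if ($stored === null) {
        return false; // unknown account
    }

    if (!Hash::check($plainPassword, $stored)) {
        return false; // wrong password: the stored hash must stay untouched
    }

    // The password is proven correct here, so it is safe to re-hash it.
    if (Hash::needsRehash($stored, TARGET_OPTIONS)) {
        $users[$email] = Hash::make($plainPassword, TARGET_OPTIONS);
    }

    return true;
}

// Constructed sample data: an account whose hash was made under an older cost.
$users  = ['alice@example.test' => Hash::make('correct horse', ['cost' => 10])];
$before = $users['alice@example.test'];

// A failed login must not change the stored hash.
var_dump(login($users, 'alice@example.test', 'wrong guess'));
var_dump($users['alice@example.test'] === $before);

// A successful login replaces the old hash with one at the target cost.
var_dump(login($users, 'alice@example.test', 'correct horse'));
var_dump($users['alice@example.test'] !== $before);
var_dump(Hash::needsRehash($users['alice@example.test'], TARGET_OPTIONS));
```

In a real application the array update becomes a database write for that user's row, performed in the same request as the successful login.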