lisone/EasyAdmin8
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(auth): upgrade password hashing to PHP's password_hash

Browse Source 
- Replace custom password hashing function with PHP's built-in password_hash
- Update password verification to use password_verify
- Adjust database schema to accommodate new password hash length
- Modify installation and login controllers to use new hashing method
This commit is contained in:
wolfcode
2025-06-18 11:51:12 +08:00
parent 216ca6e697
commit 4ed8237a00
4 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/admin/controller/Index.php
View File

@@ -109,7 +109,7 @@ class Index extends AdminController
try {
$save = $row->save([
'password' => password($post['password']),
'password' => password_hash($post['password'], PASSWORD_DEFAULT),
]);
}catch (Exception $e) {
$this->error('保存失败');

2
app/admin/controller/Login.php
View File

@@ -53,7 +53,7 @@ class Login extends AdminController
if (empty($admin)) {
$this->error('用户不存在');
}
if (password($post['password']) != $admin->password) {
if (!password_verify($post['password'], $admin->password)) {
$this->error('密码输入有误');
}
if ($admin->status == 0) {

8
app/index/controller/Install.php
View File

@@ -105,12 +105,12 @@ class Install extends BaseController
foreach ($sqlArray as $sql) {
$pdo->query($sql);
}
$_password = password($password);
$tableName = 'system_admin';
$update = [
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
$tableName = 'system_admin';
$update = [
'username' => $username,
'head_img' => '/static/admin/images/head.jpg',
'password' => $_password,
'password' => $hashedPassword,
'create_time' => time(),
'update_time' => time()
];

2
config/install/sql/install.sql
View File

@@ -88,7 +88,7 @@ CREATE TABLE `ea_system_admin`
`auth_ids` varchar(255) DEFAULT NULL COMMENT '角色权限ID',
`head_img` varchar(255) DEFAULT NULL COMMENT '头像',
`username` varchar(50) NOT NULL DEFAULT '' COMMENT '用户登录名',
`password` char(40) NOT NULL DEFAULT '' COMMENT '用户登录密码',
`password` varchar(255) NOT NULL DEFAULT '' COMMENT '用户登录密码',
`phone` varchar(16) DEFAULT NULL COMMENT '联系手机号',
`remark` varchar(255) DEFAULT '' COMMENT '备注说明',
`login_num` bigint(20) unsigned DEFAULT '0' COMMENT '登录次数',