function PhpPasswordTest::testPasswordRehashing

Same name in other branches
  1. 10 core/tests/Drupal/Tests/Core/Password/PhpPasswordTest.php \Drupal\Tests\Core\Password\PhpPasswordTest::testPasswordRehashing()

Tests password rehashing.

@covers ::hash @covers ::check @covers ::needsRehash

File

core/tests/Drupal/Tests/Core/Password/PhpPasswordTest.php, line 73

Class

PhpPasswordTest
Unit tests for password hashing API.

Namespace

Drupal\Tests\Core\Password

Code

public function testPasswordRehashing() : void {
    // Increment the cost by one.
    $strongHasher = new PhpPassword(PASSWORD_BCRYPT, [
        'cost' => 6,
    ]);
    $this->assertTrue($strongHasher->needsRehash($this->passwordHash), 'Needs a new hash after incrementing the cost option.');
    // Re-hash the password.
    $rehashedPassword = $strongHasher->hash($this->password);
    $this->assertNotEquals($rehashedPassword, $this->passwordHash, 'Password hash changed again.');
    // Now the hash should be OK.
    $this->assertFalse($strongHasher->needsRehash($rehashedPassword), 'Re-hashed password does not need a new hash.');
    $this->assertTrue($strongHasher->check($this->password, $rehashedPassword), 'Password check succeeds with re-hashed password.');
    $this->assertTrue($this->passwordHasher
        ->check($this->password, $rehashedPassword), 'Password check succeeds with re-hashed password with original hasher.');
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.