Hash::make
will generate a new hash each time even though the value being hashed is the same. That's just how it works. Some things worth checking:
Just tested it without explicitly doing Hash::make() and it seems to be working. I'm using Magniloquent and have only skimmed the documentation for it so it must be automatically hashing the password because the field is called password.
jasonlewis said:
Hash::make
will generate a new hash each time even though the value being hashed is the same. That's just how it works. Some things worth checking:
Hash::make should not make give different responses for the same value. The same value should receive the same value else how would you ever be able to compare? Like a given input password and a stored hashed password.
bweston92 said:
Hash::make should not make give different responses for the same value. The same value should receive the same value else how would you ever be able to compare? Like a given input password and a stored hashed password.
Hash::make() generates a random salt each time it's run, so as to make the hash more secure. As I understand it, that's why it returns a different value each time you run it.
bweston92 said:
jasonlewis said:
Hash::make
will generate a new hash each time even though the value being hashed is the same. That's just how it works. Some things worth checking:Hash::make should not make give different responses for the same value. The same value should receive the same value else how would you ever be able to compare? Like a given input password and a stored hashed password.
jscrilla is correct, Laravel uses Bcrypt, and a new salt is generated each time you use Hash::make. so you will get a different hash each time. Older. insecure methods such as MD5 do not return unique hashes and are generally frowned upon.
The mechanics of this aren't something I'm familiar with - but my basic understanding of it is that the salt is embedded in the hashed string, and that plus your app's encryption key (app/config.php) - allows Laravel to check for a match between plain text input and the stored hash (i.e. when authenticating a user login).
The Hash::check helper exists to help you compare a plain text string against a hashed version...
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community