PHP authentication

From Rixort Wiki

Revision as of 16:08, 8 April 2023 by Paul (Sọ̀rọ̀ | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to navigation Jump to search

Login

Store hash of password in database
Check password by fetching row based on username, then use password_verify (which is safe against timing attacks)
After a successful verification, call password_needs_rehash to see if the hash needs to be updated

Retrieved from ‘https://wiki.rixort.com/index.php?title=PHP_authentication&oldid=1339’