Zend 2 Auth with Bcrypt?

Question

Google doesn't have much of a solution (similar question but no answer).

Because bcrypt generates a new hash each time, the authentication fails. I've looked into the code (perhaps extend class myself) but it's pretty messy (would prefer a native solution). How can I use the $bcrpt->verify() with $identity->isValid()?

Edit: For now, I've subclassed the authentication DbTable class, and it's working, but I highly doubt it's optimized/"fully right". Still looking for an "elegant" solution.

Answer 1

You can use:

Zend\Authentication\Adapter\DbTable\CallbackCheckAdapter

Like this :

use Zend\Authentication\Adapter\DbTable\CallbackCheckAdapter as AuthAdapter;
use Zend\Crypt\Password\Bcrypt;    

$credentialValidationCallback = function($dbCredential, $requestCredential) {
    return (new Bcrypt())->verify($requestCredential, $dbCredential);
};
$authAdapter = new AuthAdapter($dbAdapter, 'user', 'login', 'password', $credentialValidationCallback);
// ...