Laravel Hashing: One Way Encryption

November 30, 2016 —John Koster

Hashing data is a common task in software development. Hashing is similar to encryption, with the difference that hashing is a one-way process: the goal is that the original message cannot be retrieved from the resulting hash. Hashing is accomplished through the use of a hash function. A hash function generally accepts some input, called a message, and transforms the message to produce a given output, called a digest. Laravel, as it does with many other things, defines an Illuminate\Contracts\Hashing\Hasher interface, which can be implemented to create new hashing providers that Laravel can use.

Any type that implements the Hasher interface must be able to generate a hash (by implementing the make($value, array $options = []) method), check that a value matches a hashed value (by implementing the check($value, $hashedValue, array $options = []) method), and determine if a given hashed value needs to be rehashed (by implementing the needsRehash($hashedValue, array $options = []) method).

Hashing Confusion

A lot of newcomers to Laravel, and programming in general, seem to be confused about the differences between hashing and encryption. Hashing is one-way; the point is that the final result is not recoverable. Encryption, conversely, is two-way, and the final result is reversible given enough information.

Another point of confusion is where Laravel stores the salts for password hashes in the database. In the case of newer PHP password hashing APIs, the salt, along with any other information required to compute the hash, is stored with the hash in the database.

Laravel internally utilizes a Hasher implementation in a few scenarios, mostly dealing with users and their passwords. At the time of writing, Laravel uses hashing in the following classes/services:

| Class | Purpose |
| --- | --- |
| Illuminate\Auth\EloquentUserProvider | Validates a user against credentials that are passed into the validateCredentials method. |
| Illuminate\Auth\DatabaseUserProvider | Validates a user against credentials that are passed into the validateCredentials method. |

Laravel provides one Hasher implementation right out of the box: the Illuminate\Hashing\Bcrypt hasher, which provides bcrypt password hashing, a hashing function based on the Blowfish cipher. The Bcrypt hasher implements all methods defined in the Hasher interface, and also provides one extra: setRounds($rounds), which is used to set the work factor for the bcrypt hashing function.
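The following is an added example, not code from the original article or from Laravel's source. It shows the three Hasher operations and the salt stored inside the hash, using PHP's native password API. The class name NativeBcryptHasher, the 'rounds' option key as used here, the default of 10 rounds and the sample password are assumptions of this example; the class deliberately does not declare the Laravel interface so that it runs without the framework installed.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-alone class (not Laravel's own code). It mirrors the
// make/check/needsRehash/setRounds methods described above.
final class NativeBcryptHasher
{
    private int $rounds = 10; // assumed default work factor for this example

    public function setRounds(int $rounds): self
    {
        $this->rounds = $rounds;
        return $this;
    }

    public function make(string $value, array $options = []): string
    {
        // password_hash() generates a random salt and embeds it in the output.
        return password_hash($value, PASSWORD_BCRYPT, ['cost' => $options['rounds'] ?? $this->rounds]);
    }

    public function check(string $value, string $hashedValue, array $options = []): bool
    {
        // password_verify() reads the cost and salt back out of the stored hash.
        return $hashedValue !== '' && password_verify($value, $hashedValue);
    }

    public function needsRehash(string $hashedValue, array $options = []): bool
    {
        return password_needs_rehash($hashedValue, PASSWORD_BCRYPT, ['cost' => $options['rounds'] ?? $this->rounds]);
    }
}

$hasher = new NativeBcryptHasher();
$first  = $hasher->make('correct horse battery staple'); // constructed sample password
$second = $hasher->make('correct horse battery staple');

// Layout of a bcrypt string: $2y$<cost>$<22-char salt><31-char digest>
[, $variant, $cost, $rest] = explode('$', $first);
printf("variant=%s cost=%s salt=%s\n", $variant, $cost, substr($rest, 0, 22));

var_dump($first === $second); // same password, fresh random salt on each call
var_dump($hasher->check('correct horse battery staple', $first));
var_dump($hasher->check('wrong password', $first));

// After raising the work factor, ask whether the stored hash should be replaced.
var_dump($hasher->setRounds(12)->needsRehash($first));
```

Because the cost and salt travel inside the hash string, a single database column is enough, and a hash flagged by needsRehash can only be replaced at a point where the plaintext is available, such as a successful login.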
