I'm writing an API for my Website. For Auth. i use ZfcUser. Is it possible to check the Login Data?. Like my API get per Post username/email and the password. Now i want to check if the username/email and password are correct. Also i want create a User in Code. But my problem is that the same password in ZfcUser has different hashs. I know that ZfcUser use Bycrypt but i don't know how the Cost is. In ZfcUser i found this Line:
$bcrypt->setCost($this->getOptions()->getPasswordCost());
ZfcUser: https://github.com/ZF-Commons/ZfcUser
mfg ternes3
I have found the solution by my self :D. The default Cost is 10. And it's possible to verify the Password with Bcrypt.
$bycrypt->verify($pass, $passhash);
You get a boolean with this method ;D
The second solution is:
$newUser = new User();
$newUser->user_id = '';
$newUser->email = '';
$password = ''
$bcrypt = new Bcrypt();
$bcrypt->setCost(10);
$newUser->password = $bcrypt->create($password);
$userT->saveUser($newUser);
mfg ternes3