bb38e544ee
Clock + SystemClock (DateTimeImmutable in UTC), TokenGenerator + RandomTokenGenerator (bin2hex(random_bytes(32)) -> 64-char hex), PasswordHasher + BcryptPasswordHasher (password_hash with PASSWORD_DEFAULT, password_verify). matching fakes: FakeClock with mutable setTime, FakeTokenGenerator with a pre-seeded queue (throws once exhausted), FakePasswordHasher returns 'hashed:<plain>' for deterministic test assertions. composer stan now passes --memory-limit=512M (default 128M overflows once larastan loads more rules).
16 lines
335 B
PHP
16 lines
335 B
PHP
<?php
|
|
|
|
namespace App\Auth;
|
|
|
|
class BcryptPasswordHasher implements PasswordHasher
|
|
{
|
|
public function hash(string $password): string
|
|
{
|
|
return password_hash($password, PASSWORD_DEFAULT);
|
|
}
|
|
|
|
public function verify(string $password, string $hash): bool
|
|
{
|
|
return password_verify($password, $hash);
|
|
}
|
|
}
|