Elgg  Version master
Public Member Functions | List of all members
Elgg\PasswordService Class Reference

Password service. More...

Public Member Functions

 __construct ()
 Constructor. More...
 
 needsRehash (string $hash)
 Determine if the password hash needs to be rehashed. More...
 
 verify (string $password, string $hash)
 Verify a password against a hash using a timing attack resistant approach. More...
 
 generateHash (string $password)
 Hash a password for storage using password_hash() More...
 
 requestNewPassword (\ElggUser $user)
 Generate and send a password request email to a given user's registered email address. More...
 
 saveNewPassword (\ElggUser $user, string $conf_code, ?string $password=null)
 Validate and change password for a user. More...
 

Detailed Description

Password service.

Definition at line 13 of file PasswordService.php.

Constructor & Destructor Documentation

◆ __construct()

Elgg\PasswordService::__construct ( )

Constructor.

Exceptions
RuntimeException

Definition at line 20 of file PasswordService.php.

Member Function Documentation

◆ generateHash()

Elgg\PasswordService::generateHash ( string  $password)

Hash a password for storage using password_hash()

Parameters
string$passwordPassword in clear text
Returns
string|false

Definition at line 58 of file PasswordService.php.

◆ needsRehash()

Elgg\PasswordService::needsRehash ( string  $hash)

Determine if the password hash needs to be rehashed.

If the answer is true, after validating the password using password_verify, rehash it.

Parameters
string$hashThe hash to test
Returns
bool

Definition at line 35 of file PasswordService.php.

◆ requestNewPassword()

Elgg\PasswordService::requestNewPassword ( \ElggUser  $user)

Generate and send a password request email to a given user's registered email address.

Parameters
\ElggUser$userthe user to notify
Returns
void

Definition at line 69 of file PasswordService.php.

◆ saveNewPassword()

Elgg\PasswordService::saveNewPassword ( \ElggUser  $user,
string  $conf_code,
?string  $password = null 
)

Validate and change password for a user.

Parameters
\ElggUser$userThe user
string$conf_codeConfirmation code as sent in the request email.
string | null$passwordOptional new password, if not randomly generated.
Returns
bool
Since
4.3

Definition at line 90 of file PasswordService.php.

◆ verify()

Elgg\PasswordService::verify ( string  $password,
string  $hash 
)

Verify a password against a hash using a timing attack resistant approach.

Parameters
string$passwordThe password to verify
string$hashThe hash to verify against
Returns
bool

Definition at line 47 of file PasswordService.php.

The documentation for this class was generated from the following file:
Generated on Sun Oct 26 2025 00:02:05 for Elgg by doxygen 1.9.1