Hash::check() checks algorithm now

laravel · Sep 13, 2018 · 6e02201 · 6e02201
1 parent 289c1e9
commit 6e02201
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 0 deletions.
diff --git a/hashing.md b/hashing.md
@@ -77,6 +77,8 @@ The `check` method allows you to verify that a given plain-text string correspon
         // The passwords match...
     }
 
+> {note} The supplied `$hashedPassword` has to match the algorithm you have configured.
+
 #### Checking If A Password Needs To Be Rehashed
 
 The `needsRehash` function allows you to determine if the work factor used by the hasher has changed since the password was hashed:

diff --git a/upgrade.md b/upgrade.md
@@ -297,6 +297,14 @@ Finally, when calling the `Auth::routes` method, you should pass the `verify` op
 
 The `readStream` and `writeStream` methods [have been added to the `Illuminate\Contracts\Filesystem\Filesystem` contract](https://github.com/laravel/framework/pull/23755). If you are implementing this interface, you should add these methods to your implementation.
 
+### Hashing
+
+#### `Hash:check` Method
+
+**Likelihood Of Impact: Medium**
+
+The `check` method now checks if the algorithm of the hash matches the configured algorithm.
+
 ### Mail
 
 #### Mailable Dynamic Variable Casing