I am learning api development with php now. While experimenting the password hashing i came up with a problem.
Initally i used bcrypt algorithm, it successfully works, but when i tried Argon2i or Argon2id it throws an error.
public function test_hash() {
if(isset($this->_request['pass'])) {
$hash = password_hash($this->_request['pass'], '2y', array('cost' => 10));
$input = "password";
if(password_verify($input, $hash)) {
echo "True" . "\n";
} else {
echo "False" . "\n";
}
$data = array("password" => $this->_request['pass'], "hashed pwd" => $hash);
$data = $this->json($data);
$this->response($data, 200);
}
}
for this :
http://localhost/api/test_hash?pass=password
I get resposnse as :
True
{
"password": "password",
"hashed pwd": "$2y$10$4M4qHHSN6S0y7h6xyW6XCuRNhW44xRFN5EjnHNTPZKzuBeXXHMe0e"
}
When i try Argon2i it doesn't works... i replaced the following line
$hash = password_hash($this->_request['pass'], 'argon2i');
i get response as...
500 Internal Server Error
I also checked for available algorithms...
php > $info = password_algos();
php > print_r($info);
Array
(
[0] => 2y
[1] => argon2i
[2] => argon2id
)