Changelog History
-
v3.0.4 Changes
January 26, 2016๐ Password Validator is now PHP 7.0 compatible! Thanks to @nicoSWD for documentation updates and to @garethellis36 for the PHP 7.0 compatibility PR.
-
v3.0.3 Changes
March 25, 2015โก๏ธ Updates
wp-cli/php-cli-tools
dependency -
v3.0.2 Changes
September 18, 2014- ๐ Fixes a bug in
AbstractDecorator::isValid()
. - ๐ Renames a few args to match the
PasswordValidatorInterface
.
- ๐ Fixes a bug in
-
v3.0.1 Changes
May 14, 2014โฌ๏ธ Cleans up
UpgradeDecoratorTest
. -
v3.0.0 Changes
May 14, 2014๐ Password Validator now supports salts for legacy hashing
โ Adds an optional
$legacySalt
argument as the third argument toPasswordValidatorInterface::isValid
. This allows the use of a salt in the$validatorCallback
to validate legacy hashes in theUpgradeDecorator
. Usage of salts in theUpgradeDecorator
was previously not possible.Which means you can now ...
... use @karptonite's Rehashing Password Hashes password security upgrade technique, which I highly recommend. Please read and re-read his post, make sure you understand it, and then implement user authentication against the new hashes with Password Validator and the
UpgradeDecorator
(A sample implementation is demonstrated in theJeremyKendall\Password\Tests\Decorator\KarptoniteRehashUpgradeDecoratorTest
unit test).IMPORTANT: This is a backwards incompatible change
- The
PasswordValidatorInterface::isValid
method signature has changed - Only users of the
StorageDecorator
should be impacted.
If you're using the
StorageDecorator
, your call toPasswordValidatorInterface::isValid
must now include the$salt
argument, even if it's set tonull
.- <= 2.0.3:
$storageDecorator->isValid('password', 'hash', 'username');
= 3.0.0:
$storageDecorator->isValid('password', 'hash', $salt = null, 'username');
- The
-
v2.0.3 Changes
March 14, 2014๐ This release is to fix my Semantic Versioning mistake of releasing 1.0.0 as the production release after releasing 2.0.3-beta as the final beta. 2.0.3 === 1.0.0. The version number is solely intended to get back on track with semver.
-
v2.0.3-beta Changes
February 15, 2014 -
v2.0.2-beta Changes
January 29, 2014- ๐ Fixes rehash bug
password_needs_rehash
didn't get options passedpassword_needs_rehash
always returnedtrue
when cost != 10
- โก๏ธ Various housekeeping/cruft updates
- ๐ Fixes rehash bug
-
v2.0.1-beta Changes
January 12, 2014- ๐ Updates documentation
-
v1.0.0
February 17, 2014