PHP : Change password encryption from md5 to bcrypt

Watch the guide

28 steps

7 months ago

1
Find the token folder in the generated PHP API
Find the token folder in the generated PHP API
2
The token.php configuration file stores all the settings for your JWT token, including the expiration datetime and issuer.
The token.php configuration file stores all the settings for your JWT token, including the expiration datetime and issuer.
3
The Generate.php file is used to create a token when the "Token Generation" endpoint is called with a valid username and password.
The Generate.php file is used to create a token when the "Token Generation" endpoint is called with a valid username and password.
4
The `Validatetoken.php` file is used to validate the token for each request.
The `Validatetoken.php` file is used to validate the token for each request.
5
Open generate.php file (I am using VS code but you can open in normal notepad also)
Open generate.php file (I am using VS code but you can open in normal notepad also)
6
To implement bcrypt encryption, we need to update this part of the code that currently uses MD5 encryption.
To implement bcrypt encryption, we need to update this part of the code that currently uses MD5 encryption.
7
Validate if the hash stored in the database matches the hash of the user-provided input.
Validate if the hash stored in the database matches the hash of the user-provided input.
8
Let's examine the changes needed on the SQL query side.
Let's examine the changes needed on the SQL query side.
9
Open the "object" folder. This folder contains all the database operations for each table.
Open the "object" folder. This folder contains all the database operations for each table.
10
11
Open the file corresponding to the table that stores user data. In my case, it's the `users` table, so I have a `users.php` file in my "object" folder.
Open the file corresponding to the table that stores user data. In my case, it's the `users` table, so I have a `users.php` file in my "object" folder.
12
13
Search for login_validation function
Search for login_validation function
14
15
Here we are selecting by username and password.
Here we are selecting by username and password.
16
Passing 2 parameters. Lets change it to get by only username.
Passing 2 parameters. Lets change it to get by only username.
17
Removed  => AND t.password=?
Removed  => AND t.password=?
18
Removed 
$stmt->bindParam(2, $this->{password});
Removed&nbsp;<div>$stmt-&gt;bindParam(2, $this-&gt;{password});</div>
19
Save the file, and you’re done implementing bcrypt encryption. Now, let's test it in Postman.
Save the file, and you’re done implementing bcrypt encryption. Now, let's test it in Postman.
20
Collection for the generated API (Check the postman tutorial how to get this collection in postman)
Collection for the generated API (Check the postman tutorial how to get this collection in postman)
21
Endpoint to generate token
Endpoint to generate token
22
Provide your username & password 
Provide your username &amp; password&nbsp;
23
Click "Send"
Click "Send"
24
Token generated successfully
Token generated successfully
25
Click on View Environment Settings
Click on View Environment Settings
26
Token will be automatically set for futher api calls in postman.
Token will be automatically set for futher api calls in postman.
27
In Postman, you can obtain the code for the same API call in various programming languages.
In Postman, you can obtain the code for the same API call in various programming languages.
28
jQuery sample code for generating token.
jQuery sample code for generating token.