(PHP 7 >= 7.2.0, PHP 8)
sodium_crypto_pwhash_str_verify — Verifies that a password matches a hash
$hash
, string $password
) : boolChecks that a password hash created using sodium_crypto_pwhash_str() matches a given plain-text password. Note that the parameters are in the opposite order to the same parameters in the similar password_hash() function.
hash
一个由 password_hash() 创建的散列值。
password
用户的密码。
Returns true
if the password and hash match, or false
otherwise.
Note:
Hashes are calculated using the Argon2ID algorithm, providing resistance to both GPU and side-channel attacks.