changed needsHash and add CHANGELOG.md

Author: solital

.gitignore

@@ -1,2 +1,3 @@
 vendor/
-composer.lock
+composer.lock
+index.php

CHANGELOG.md

@@ -0,0 +1,21 @@
+# Released Notes
+
+## v0.2.0 - (2021-04-20)
+
+### Changed
+
+- Changed `needsHash` method
+
+-----------------------------------------------------------
+## v0.1.1 - (2021-04-17)
+
+### Added
+
+- Added license
+
+-----------------------------------------------------------
+## v0.1.0 - (2021-04-17)
+
+### Added
+
+- Added project

README.md

@@ -20,6 +20,7 @@ use SecurePassword\SecurePassword;
 $password = new SecurePassword();
 $hash = $password->createHash('my_password');
 
+/** Return string */
 var_dump($hash);
 ```
 
@@ -55,6 +56,7 @@ To return the information of the created hash, use `$info` as `true`.
 ```php
 $hash = $password->createHash('my_password', true);
 
+/** Return array */
 var_dump($hash);
 ```
 
@@ -66,6 +68,7 @@ Checks whether the hash in `$hash` is valid. If the hash entered does not match
 $hash = $password->createHash('my_password');
 $res = $password->verifyHash('my_password', $hash);
 
+/** Return bool */
 var_dump($res);
 ```
 
@@ -79,11 +82,11 @@ $res = $password->useArgon2()->verifyHash('my_password', $hash);
 var_dump($res);
 ```
 
-If the encryption type has been changed, you can generate a new hash with the new encryption. Use `true` for the last parameter.
+If the encryption type has been changed, you can generate a new hash with the new encryption. The `needsHash()` method checks whether the reported hash needs to be regenerated. Otherwise, it will return false.
 
 ```php
 $hash = $password->useArgon2()->createHash('my_password');
-$res = $password->useArgon2()->verifyHash('my_password', $hash, true);
+$needs = $password->useDefault()->needsRehash('my_password', $hash);
 
 /** Return bool or string */
 var_dump($res);
@@ -128,6 +131,7 @@ Here's a quick little function that will help you determine what cost parameter
 $password = new SecurePassword();
 $cost = $password->getOptimalBcryptCost();
 
+/** Return int */
 var_dump($cost);
 ```
 

src/SecurePassword.php

@@ -17,6 +17,10 @@ class SecurePassword extends HashAlgorithm
      */
     public function __construct()
     {
+        if (empty($this->algo)) {
+            $this->algo = self::DEFAULT;
+        }
+
         $this->setPepper();
     }
 
@@ -52,10 +56,6 @@ public function getPepper(): string
      */
     public function createHash(string $password, bool $info = false)
     {
-        if (empty($this->algo)) {
-            $this->algo = self::DEFAULT;
-        }
-
         $pwd_peppered = $this->passwordPeppered($password);
         $pwd_hashed = password_hash($pwd_peppered, $this->algo, $this->options);
 
@@ -73,32 +73,25 @@ public function createHash(string $password, bool $info = false)
      * 
      * @param string $password
      * @param string $hash
-     * @param bool $verify_needs_rehash
      * 
      * @return mixed
      */
-    public function verifyHash(string $password, $hash, bool $verify_needs_rehash = false)
+    public function verifyHash(string $password, $hash)
     {
         if (is_array($hash)) {
             throw new HashException("You are returning the hash information. Enter 'false' in the 'createHash' method");
         }
 
-        if (empty($this->algo)) {
-            $this->algo = self::DEFAULT;
-        }
-
         $pph_strt = microtime(true);
         $pwd_peppered = $this->passwordPeppered($password);
 
         if (password_verify($pwd_peppered, $hash)) {
             try {
-                return $this->needsRehash($password, $hash, $verify_needs_rehash);
+                return true;
             } finally {
                 $end = (microtime(true) - $pph_strt);
                 $wait = bcmul((1 - $end), 1000000);  // usleep(250000) 1/4 of a second
                 usleep($wait);
-
-                #echo "<br>Execution time:" . (microtime(true) - $pph_strt) . "; ";
             }
         } else {
             return false;
@@ -133,22 +126,17 @@ public function getOptimalBcryptCost(int $min_ms = 250, string $password = "test
      * 
      * @param string $password
      * @param string $hash
-     * @param bool $verify
      * 
      * @return mixed
      */
-    private function needsRehash(string $password, string $hash, bool $verify)
+    public function needsRehash(string $password, string $hash)
     {
-        if ($verify == true) {
-            if (password_needs_rehash($hash, $this->algo)) {
-                $newHash = $this->createHash($password);
+        if (password_needs_rehash($hash, $this->algo)) {
+            $newHash = $this->createHash($password);
 
-                return $newHash;
-            } else {
-                return true;
-            }
+            return $newHash;
         } else {
-            return true;
+            return false;
         }
     }