PHPackages                             selfsimilar/laravel-d7-password - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. selfsimilar/laravel-d7-password

ActiveLaravel-package[Security](/categories/security)

selfsimilar/laravel-d7-password
===============================

Laravel package that checks and creates Drupal 7 password hashes

v1.0.0(3y ago)44.5k—7.1%MITPHPPHP &gt;=5.3.0

Since Feb 16Pushed 3y ago1 watchersCompare

[ Source](https://github.com/selfsimilar/laravel-d7-password)[ Packagist](https://packagist.org/packages/selfsimilar/laravel-d7-password)[ Docs](https://github.com/selfsimilar/laravel-d7-password)[ RSS](/packages/selfsimilar-laravel-d7-password/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependencies (4)Versions (2)Used By (0)

Laravel Drupal 7 Password
=========================

[](#laravel-drupal-7-password)

[![Build Status](https://camo.githubusercontent.com/64eab70fbd0fd844bde5157a42cfcfa29a66fd6a440314f3535ed806662e023d/68747470733a2f2f7472617669732d63692e6f72672f73656c6673696d696c61722f6c61726176656c2d64372d70617373776f72642e7376673f6272616e63683d6d61696e)](https://travis-ci.org/selfsimilar/laravel-d7-password)

This Laravel 8 package provides an easy way to create and check against Drupal 7 password hashes. Drupal is not required.

Installation
------------

[](#installation)

#### Step 1: Composer

[](#step-1-composer)

Begin by installing this package through Composer. Edit your project's `composer.json` file to require `selfsimilar/laravel-d7-password`.

```
"require": {
  "selfsimilar/laravel-d7-password": "~0.1.2"
}
```

Next, update Composer from the Terminal:

```
composer update
```

#### Step 2: Register Laravel Service Provider

[](#step-2-register-laravel-service-provider)

Once this operation completes, the final step is to [register the service provider](https://laravel.com/docs/8.x/providers#registering-providers).

- **Laravel 5-8.x**: Open `config/app.php`, and add a new item to the providers array

```
'Selfsimilar\D7Password\D7PasswordProvider'
```

Usage
-----

[](#usage)

Add a **use statement** for the D7Password facade

```
use Selfsimilar\D7Password\Facades\D7Password;
```

### `make()` - Create Password Hash

[](#make---create-password-hash)

Similar to the Drupal [`user_hash_password()`](https://api.drupal.org/api/drupal/includes%21password.inc/function/user_hash_password/7.x) function

```
$hashed_password = D7Password::make('plain-text-password');
```

### `check()` - Check Password Hash

[](#check---check-password-hash)

Similar to the Drupal [`user_check_password()`](https://api.drupal.org/api/drupal/includes%21password.inc/function/user_check_password/7.x) function

```
$password = 'plain-text-password';
$d7_hashed_password = '$S$B7TRc6vrwCfjgKLZLgmN.dmPo6msZR.';

if ( D7Password::check($password, $d7_hashed_password) ) {
    // Password success!
} else {
    // Password failed :(
}
```

### Dependency Injection

[](#dependency-injection)

I used a facade above to simplify the documentation. If you'd prefer not to use the facade, you can inject the following interface: `Selfsimilar\D7Password\Contracts\D7Password`.

### Recommendations

[](#recommendations)

While you could in principle register and use the D7PasswordHasher as the default hasher and leave the passwords alone, you can also update the passwords to the better and more secure Laravel default Bcrypt algorithm. When authenticating, first check using the default hasher, and if that fails, check again with the Drupal 7 Hasher. If that succeeds, simply update the password hash for future logins.

As an example, assuming you have a fresh Laravel 8 application using Fortify (or Jetstream which uses Fortify), make the following changes to `app/Providers/FortifyServiceProvider.php`.

Import the following:

```
use App\Models\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Hash;
use Selfsimilar\D7Password\Facades\D7Password as D7Hash;
```

Add this to the `boot()` method:

```
Fortify::authenticateUsing(function (Request $request) {
  $user = User::where('email', $request->email)->first();

  if ($user) {
    if (Hash::check($request->password, $user->password)) {
      return $user;
    }
    else {
      if (D7Hash::check($request->password, $user->password)) {
        $user->update(['password' => Hash::make($request->password)]);
        return $user;
      }
    }
  }
});
```

###  Health Score

26

—

LowBetter than 43% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity26

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity40

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

1187d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/76dfec670b6773b2d5acb6a7ed8256e4c192814a785c2c79242718e2907360bf?d=identicon)[colin-nu](/maintainers/colin-nu)

---

Top Contributors

[![selfsimilar](https://avatars.githubusercontent.com/u/784446?v=4)](https://github.com/selfsimilar "selfsimilar (10 commits)")

---

Tags

laraveldrupalpasswordhashing

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/selfsimilar-laravel-d7-password/health.svg)

```
[![Health](https://phpackages.com/badges/selfsimilar-laravel-d7-password/health.svg)](https://phpackages.com/packages/selfsimilar-laravel-d7-password)
```

###  Alternatives

[mikemclin/laravel-wp-password

Laravel package that checks and creates WordPress password hashes

863.4M2](/packages/mikemclin-laravel-wp-password)[olssonm/laravel-backup-shield

Protection for your laravel backups

3019.5k](/packages/olssonm-laravel-backup-shield)[robclancy/laravel4-hashing

Package for when you can't use Bcrypt in Laravel 4.

301.8k1](/packages/robclancy-laravel4-hashing)[ammardev/laravel-wp-hash-driver

Supports Wordpress passwords hashing and checking in Laravel's Hash facade.

169.3k](/packages/ammardev-laravel-wp-hash-driver)[laragear/poke

Keep your forms alive, avoid TokenMismatchException by gently poking your Laravel app

2211.5k](/packages/laragear-poke)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)