English
English
In daily system management or development processes, we sometimes need a simple user verification mechanism, especially when building command line tools. Although we prefer to use OAuth, JWT or database authentication mechanisms in production environments, in some lightweight scenarios, a user authentication tool based on the crypt() function is sufficient.
This article will take you step by step to build a PHP command line user verification tool based on crypt() .
crypt() is a built-in encryption function in PHP, used to encrypt passwords in one-way hashing. It can use different algorithms (such as DES, MD5, SHA-256, SHA-512), depending on the provided salt format.
$password = 'secret123';
$hashed = crypt($password, '$6$rounds=5000$mysalt$'); // use SHA-512 encryption
echo $hashed;
We need to first define a user password file, similar to Linux /etc/shadow , which is used to store the user name and corresponding encrypted password.
For example, create a users.txt file with the following content:
alice:$6$rounds=5000$randomsalt$TtXcNpEYgkQq6nGyTT1ZqJK6sOHZ7GUa0OtUzBDwK8DUD.QHrVmMTE6EKH9vdA/5jYrc6IQsb9M4OzhxZs7Hz1
bob:$6$rounds=5000$othersalt$z1MBfFaSzPIcL7PZ8coYumWqaYvKPWhjvOwwBQ25BqNjfGC2THcR2A2E2MBc6m/mM6z2qKNEqgghADnIJo7KO0
Create auth.php file:
<?php
// Check whether it runs from the command line
if (php_sapi_name() !== 'cli') {
exit("Please run this script from the command line。\n");
}
// Get username and password
fwrite(STDOUT, "username: ");
$username = trim(fgets(STDIN));
fwrite(STDOUT, "password: ");
system('stty -echo'); // 隐藏password输入
$password = trim(fgets(STDIN));
system('stty echo');
fwrite(STDOUT, "\n");
// Read user files
$userFile = __DIR__ . '/users.txt';
if (!file_exists($userFile)) {
exit("The user file does not exist。\n");
}
$found = false;
$lines = file($userFile, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($lines as $line) {
list($user, $hashed) = explode(':', $line, 2);
if ($user === $username) {
// 验证password
if (crypt($password, $hashed) === $hashed) {
echo "Authentication is successful!welcome,{$username}。\n";
} else {
echo "password错误。\n";
}
$found = true;
break;
}
}
if (!$found) {
echo "The user does not exist。\n";
}
Adding a password to the user can be done through a simple command line tool:
<?php
// 创建新用户encryption条目
$username = readline("新username: ");
$password = readline("password: ");
// generate salt and hash
$salt = base64_encode(random_bytes(8));
$salt = str_replace('+', '.', substr($salt, 0, 16)); // Compatibility processing
$fullSalt = '$6$rounds=5000$' . $salt . '$';
$hashedPassword = crypt($password, $fullSalt);
// Output result
echo "{$username}:{$hashedPassword}\n";
// Can be added to users.txt In the file
This tool, while simple, is very useful in script automation, security testing, or rapid prototyping. It can be easily integrated into Bash scripts, automated deployment processes, and even used to secure interfaces to access PHP CLI tools.
For production environments, it is recommended to adopt a more professional user authentication mechanism and provide appropriate permission control for password files.
