support multi password hash verify

app/Http/Controllers/Passport/AuthController.php

@@ -93,7 +93,11 @@ class AuthController extends Controller
         if (!$user) {
             abort(500, '用户名或密码错误');
         }
-        if (!password_verify($password, $user->password)) {
+        if (!$this->multiPasswordVerify(
+            $user->password_algo,
+            $password,
+            $user->password)
+        ) {
             abort(500, '用户名或密码错误');
         }
 
@@ -173,6 +177,7 @@ class AuthController extends Controller
         }
         $user = User::where('email', $request->input('email'))->first();
         $user->password = password_hash($request->input('password'), PASSWORD_DEFAULT);
+        $user->password_algo = NULL;
         if (!$user->save()) {
             abort(500, '重置失败');
         }
@@ -181,4 +186,13 @@ class AuthController extends Controller
             'data' => true
         ]);
     }
+
+    private function multiPasswordVerify($algo, $password, $hash)
+    {
+        switch($algo) {
+            case 'md5': return md5($password) === $hash;
+            case 'sha256': return hash('sha256', $password) === $hash;
+            default: return password_hash($password, PASSWORD_DEFAULT) === $hash;
+        }
+    }
 }

app/Http/Controllers/User/UserController.php

@@ -36,6 +36,7 @@ class UserController extends Controller
             abort(500, '旧密码有误');
         }
         $user->password = password_hash($request->input('new_password'), PASSWORD_DEFAULT);
+        $user->password_algo = NULL;
         if (!$user->save()) {
             abort(500, '保存失败');
         }

database/update.sql

@@ -133,4 +133,7 @@ ALTER TABLE `v2_order`
 DROP `method`;
 
 ALTER TABLE `v2_invite_code`
-ADD `pv` int(11) NOT NULL DEFAULT '0' AFTER `status`;
+ADD `pv` int(11) NOT NULL DEFAULT '0' AFTER `status`;
+
+ALTER TABLE `v2_user`
+ADD `password_algo` char(10) COLLATE 'utf8_general_ci' NULL AFTER `password`;