[Proposal] Use Hash::make() instead of a direct call to bcrypt in ResetsPasswords.php

[arondeparon]

In ResetsPasswords.php there is a direct call to bcrypt on line 104. This in itself is not really a problem since Hash::make() acts as a wrapper for bcrypt, but would it not be more elegant to use Hash::make(), as this is also the recommended way to create password hashes?

[joshmanders]

bcrypt is a wrapper around Hash::make() https://github.com/laravel/framework/blob/698a6356b2aa91cd61f07832330832dcef7d7883/src/Illuminate/Foundation/helpers.php#L183-L195

[koenhoeijmakers]

Yes its a wrapper, but given that Argon2 is becoming optional in php7.2, calling bcrypt() while it actually uses Argon2 is kindof odd (this is the case with my Argon2 package which replaces bcrypt completely), calling bcrypt() doesn't really make it dynamic in a sense that parts of the framework are replacable, i'm totally for Hash::make() everywhere.

[arondeparon]

Oops! Seems I got it backwards. My bad 🤦‍♂️

Anyway: I agree with @koenhoeijmakers; using Hash::make() does some more consistent and future-proof.

[browner12]

wouldn't a solution just be to rename the bcrypt helper to something more generic?

I don't think this is really a future proofing issue, but rather simply a semantic one.

[m1guelpf]

@browner12 Renaming the bcrypt() helper would be VERY breaking...

[browner12]

yup, would definitely have to go to master. But as we all know, bcrypt won't be around forever, so abstracting the name to something generic will help put it in line with how Hash:make works.

[m1guelpf]

Opened laravel/framework#20155, but I don't have hope with this one...

[Dylan-DPC-zz]

@arondeparon you can close this issue as the PR is merged for 5.5