options = [ "users" => [] ]; if ($options) { $this->options = array_merge($this->options, (array)$options); } } public function __invoke(array $arguments): bool { $user = $arguments["user"]; $password = $arguments["password"]; /* Unknown user. */ if (!isset($this->options["users"][$user])) { return false; } if (self::isHash($this->options["users"][$user])) { /* Hashed password. */ return password_verify($password, $this->options["users"][$user]); } else { /* Cleartext password. */ return $this->options["users"][$user] === $password; } } private static function isHash($password): bool { return preg_match('/^\$(2|2a|2y)\$\d{2}\$.*/', $password) && (strlen($password) >= 60); } }