[PasswordHasher] Mention standalone use of PasswordHasherFactory

alexandre-daubois · alexandre-daubois · commit d72bf8ae070b · 2023-03-29T13:21:27.000+02:00
diff --git a/security/passwords.rst b/security/passwords.rst
@@ -134,7 +134,7 @@ Further in this article, you can find a
     .. configuration-block::
 
         .. code-block:: yaml
-        
+
             # config/packages/test/security.yaml
             security:
                 # ...
@@ -697,6 +697,32 @@ you must register a service for it in order to use it as a named hasher:
 This creates a hasher named ``app_hasher`` from a service with the ID
 ``App\Security\Hasher\MyCustomPasswordHasher``.
 
+Hashing a Stand-Alone String
+----------------------------
+
+The password hasher can be used to hash strings independently
+of users. By using the
+:class:`Symfony\\Component\\PasswordHasher\\Hasher\\PasswordHasherFactory`,
+you can declare multiple hashers, retrieve any of them with
+its name and create hashes. You can then verify that a string matches the given
+hash::
+
+    use Symfony\Component\PasswordHasher\Hasher\PasswordHasherFactory;
+
+    // configure different hashers via the factory
+    $factory = new PasswordHasherFactory([
+        'common' => ['algorithm' => 'bcrypt'],
+        'sodium' => ['algorithm' => 'sodium'],
+    ]);
+
+    // retrieve the hasher using bcrypt
+    $hasher = $factory->getPasswordHasher('common');
+    $hash = $hasher->hash('plain');
+
+    // verify that a given string matches the hash calculated above
+    $hasher->verify($hash, 'invalid'); // false
+    $hasher->verify($hash, 'plain'); // true
+
 .. _passwordhasher-supported-algorithms:
 
 Supported Algorithms
