Convert password during login to new secure hash

Deon George 2016-09-01 20:55:15 +10:00
parent 81edc432b4
commit bd05d77afe
1 changed files with 21 additions and 4 deletions


@ -96,12 +96,29 @@ abstract class lnAuth_Auth_ORM extends lnApp_Auth_ORM {
return FALSE;
}
// Create a hashed password
if (is_string($password))
$password = $this->hash($password);
// Convert user password to new hash method
if (is_string($password) AND ! password_verify($password,$user->password) AND ! in_array($this->_config['hash_method'],['md5','sha1'])) {
// Was MD5
if (
(md5($password) == $user->password) OR
(sha1($password) == $user->password)
) {
// It will be re-hased by ORM
$user->password = $password;
if (! $user->save())
throw HTTP_Exception::factory(501,'Error converting password for :user',array(':user'=>$user->name()));
else {
SystemMessage::factory()
->title('Password Update')
->type('info')
->body('Your password was updated to a more secure algorithm');
}
}
}
// If the passwords match, perform a login
if ($user->active AND $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)) AND $user->password === $password) {
if ($user->active AND $user->has_any('group',ORM::factory('Group',array('name'=>'Registered Users'))->list_childgrps(TRUE)) AND password_verify($password,$user->password)) {
// @todo This is not currently used.
if ($remember === TRUE) {
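Review bot: The legacy check `(md5($password) == $user->password) OR (sha1($password) == $user->password)` compares digests with loose `==`, so PHP treats two numeric-looking strings (such as digests of the form `0e` followed only by digits) as equal numbers, and a password whose digest merely has that shape would be accepted and then saved as the account's new password. Use a strict, constant-time comparison instead: `hash_equals((string)$user->password, md5($password)) OR` and `hash_equals((string)$user->password, sha1($password))`. The final `password_verify($password,$user->password)` also assumes that `$user->password` already holds the new hash on the in-memory object after `save()`; the inline comment says the ORM re-hashes it, but that code is not in this hunk, so it is worth confirming. The enclosing method starts and ends outside the hunk.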