new functions added for encrypting passwords #390

Merged
merged 2 commits into from Sep 6, 2019
Merged
25 changes: 23 additions & 2 deletions owa_auth.php
Expand Up @@ -197,7 +197,9 @@ function authByInput($user_id, $password) {
// set credentials
$this->credentials['user_id'] = owa_sanitize::cleanUserId( $user_id );
// must encrypt password to see if it matches whats in the db
$this->credentials['password'] = $this->generateAuthCredential( $this->credentials['user_id'], $this->encryptPassword( $password ) );
$this->credentials['password'] = $this->generateAuthCredential( $this->credentials['user_id'], $this->encryptOldPassword( $password ) );
// pass plain text password to test with password_verify
$this->credentials['new_password'] = $password;
//owa_coreAPI::debug(print_r($this->credentials, true));
$ret = $this->isUser();

Expand Down Expand Up @@ -354,6 +356,11 @@ function encryptPassword($password) {

return owa_lib::encryptPassword($password);

}
function encryptOldPassword($password) {

return owa_lib::encryptOldPassword($password);

}

function getUser() {
Expand All @@ -377,6 +384,20 @@ function isUser() {
$this->getUser();

if ( $this->credentials['user_id'] === $this->u->get('user_id') ) {

// new_password will only be set when using authByInput
if ( isset($this->credentials['new_password']) ) {
// plain text password matches DB password we can authorize
if ( password_verify( $this->credentials['new_password'], $this->u->get('password') ) ) {
$this->_is_user = true;

// set as new current user in service layer
$cu->loadNewUserByObject( $this->u );
$cu->setAuthStatus(true);

return true;
}
}

//if ($this->credentials['password'] === $this->u->get('password')):
if ( $this->isValidAuthCredential( $this->credentials['user_id'], $this->credentials['password'] ) ) {
Expand Down Expand Up @@ -450,4 +471,4 @@ function generateAuthCredential($user_id, $password, $expiration = '', $scheme =

}

?>
?>
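Review bot: The plaintext password is kept in `$this->credentials['new_password']` for the lifetime of the auth object (set in the authByInput hunk, consumed in the isUser hunk), and the commented-out `owa_coreAPI::debug(print_r($this->credentials, true))` directly below the assignment would write it to the log if it is ever re-enabled. Once `password_verify` has run the plaintext is no longer needed, so `unset($this->credentials['new_password']);` in isUser before either return keeps it out of later dumps or serialisation of the object. The legacy branch that follows (`isValidAuthCredential` on the md5-derived credential) still authenticates accounts whose stored value is in the old format but never rehashes them with the new encryptPassword, so existing users stay on md5 indefinitely unless a migration step is added on that success path. `$cu` is used at the new `loadNewUserByObject` call without a visible definition; isUser begins outside the hunk, so it is presumably assigned earlier in the body — worth confirming.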
13 changes: 11 additions & 2 deletions owa_lib.php
Expand Up @@ -998,11 +998,20 @@ public static function truncate ($str, $length=10, $trailing='...') {
* @param string $password
* @return string
*/
public static function encryptPassword($password) {
public static function encryptOldPassword($password) {

return md5(strtolower($password).strlen($password));
//return owa_coreAPI::saltedHash( $password, 'auth');
}
public static function encryptPassword($password) {

// check function exists to support older PHP
if ( function_exists(password_hash) ) {
return password_hash( $password, PASSWORD_BCRYPT );
8633brown marked this conversation as resolved.
} else {
return $this->encryptOldPassword($password);
}
}

public static function hash( $hash_type = 'md5', $data, $salt = '' ) {

Expand Down Expand Up @@ -1367,4 +1376,4 @@ public static function isPrivateIp( $ip_address ) {
}
}

?>
?>
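Review bot: `$this->encryptOldPassword($password)` inside the static `encryptPassword` cannot work, because `$this` is not available in a static method; it should be `self::encryptOldPassword($password)`. On the line above, `function_exists(password_hash)` passes an unquoted bare word: older PHP coerces it to the string with a notice, but PHP 8 raises an undefined-constant Error before the check runs, so write `function_exists('password_hash')`. The fallback also means any deployment lacking password_hash silently stores md5-of-lowercased-password values with no indication of the downgrade; logging it, or simply requiring a PHP version that ships password_hash, would make the weaker path visible. The `@param`/`@return` docblock above the hunk now documents encryptOldPassword only; encryptPassword is left without one.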