ormPassword: allow use of different password hash algo

SamB
2020-12-04 16:21:23 +01:00
committed by Stephen Abello
parent dd921e49b6
commit 30d4835fbb
2 changed files with 26 additions and 12 deletions


@@ -51,7 +51,8 @@ class ormPassword
*/
public function SetPassword($sClearTextPassword)
{
$this->m_sHashed = password_hash($sClearTextPassword, PASSWORD_DEFAULT);
$iHashAlgo = MetaModel::GetConfig()->GetPasswordHashAlgo();
$this->m_sHashed = password_hash($sClearTextPassword, $iHashAlgo);
}
/**
@@ -96,18 +97,18 @@ class ormPassword
{
$bResult = false;
$aInfo = password_get_info($this->m_sHashed);
switch ($aInfo["algo"])
if (is_null($aInfo["algo"]) || $aInfo["algo"] === 0)
{
case 0:
//unknown, assume it's a legacy password
$sHashedPwd = $this->ComputeHash($sClearTextPassword);
if ($this->m_sHashed == $sHashedPwd)
{
$bResult = true;
}
break;
default:
$bResult = password_verify($sClearTextPassword, $this->m_sHashed);
//unknown, assume it's a legacy password
$sHashedPwd = $this->ComputeHash($sClearTextPassword);
if ($this->m_sHashed == $sHashedPwd)
{
$bResult = true;
}
}
else
{
$bResult = password_verify($sClearTextPassword, $this->m_sHashed);
}
return $bResult;
}
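Review bot: The legacy branch of CheckPassword still compares the stored and recomputed hashes with `==` (`if ($this->m_sHashed == $sHashedPwd)`), which is neither constant-time nor type-strict, so two different numeric-looking digest strings can compare equal; `if (hash_equals((string) $this->m_sHashed, (string) $sHashedPwd))` closes both gaps. In SetPassword the result of `password_hash()` is assigned to `m_sHashed` unchecked, and now that the algorithm comes from `GetPasswordHashAlgo()` an unsupported configured value makes the call fail with a non-string result or throw, depending on the PHP version, so the configured value should be validated or the result checked before it is stored. Neither hunk calls `password_needs_rehash()`, so changing the configured algorithm presumably affects only passwords set afterwards; rehashing on a successful check would migrate existing ones. CheckPassword's signature lies above the visible hunk, so what `ComputeHash()` returns is not visible here.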