For migration, we do not need to support the old password hash
This commit is contained in:
Visman
parent
ed926835ea
commit
102dc6a5e1
1 changed files with 1 additions and 13 deletions
|
|
@ -99,20 +99,8 @@ class Auth extends Page
|
||||||
} elseif ($user->isUnverified) {
|
} elseif ($user->isUnverified) {
|
||||||
$v->addError('Account is not activated', 'w');
|
$v->addError('Account is not activated', 'w');
|
||||||
} else {
|
} else {
|
||||||
$authorized = false;
|
|
||||||
$hash = $user->password;
|
|
||||||
// For FluxBB by Visman 1.5.10.74 and above
|
|
||||||
if (\strlen($hash) == 40) {
|
|
||||||
if (\hash_equals($hash, sha1($password . $this->c->SALT1))) {
|
|
||||||
$hash = \password_hash($password, \PASSWORD_DEFAULT);
|
|
||||||
$user->password = $hash;
|
|
||||||
$authorized = true;
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$authorized = \password_verify($password, $hash);
|
|
||||||
}
|
|
||||||
// ошибка в пароле
|
// ошибка в пароле
|
||||||
if (! $authorized) {
|
if (! \password_verify($password, $user->password)) {
|
||||||
$v->addError('Wrong user/pass');
|
$v->addError('Wrong user/pass');
|
||||||
} else {
|
} else {
|
||||||
// перезаписываем ip админа и модератора - Visman
|
// перезаписываем ip админа и модератора - Visman
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue