{
$user = self::getAuthenticationInfo($user_info);
- if (password_verify($password, $user['password'])) {
- if (password_needs_rehash($user['password'], PASSWORD_DEFAULT)) {
+ if (strpos($user['password'], '$') === false) {
+ //Legacy hash that has not been replaced by a new hash yet
+ if (self::hashPasswordLegacy($password) === $user['password']) {
self::updatePassword($user['uid'], $password);
- }
- return $user['uid'];
- } elseif (strpos($user['password'], '$') === false) {
- if (self::hashPasswordLegacy($password) === $user['password']) {
+ return $user['uid'];
+ }
+ } elseif (!empty($user['legacy_password'])) {
+ //Legacy hash that has been double-hashed and not replaced by a new hash yet
+ //Warning: `legacy_password` is not necessary in sync with the content of `password`
+ if (password_verify(self::hashPasswordLegacy($password), $user['password'])) {
self::updatePassword($user['uid'], $password);
return $user['uid'];
}
+ } elseif (password_verify($password, $user['password'])) {
+ //New password hash
+ if (password_needs_rehash($user['password'], PASSWORD_DEFAULT)) {
+ self::updatePassword($user['uid'], $password);
+ }
+
+ return $user['uid'];
}
throw new Exception(L10n::t('Login failed'));
if (!isset($user['uid'])
|| !isset($user['password'])
+ || !isset($user['legacy_password'])
) {
throw new Exception(L10n::t('Not enough information to authenticate'));
}
} elseif (is_int($user_info) || is_string($user_info)) {
if (is_int($user_info)) {
- $user = dba::selectFirst('user', ['uid', 'password'],
+ $user = dba::selectFirst('user', ['uid', 'password', 'legacy_password'],
[
'uid' => $user_info,
'blocked' => 0,
]
);
} else {
- $user = dba::fetch_first('SELECT `uid`, `password`
+ $user = dba::fetch_first('SELECT `uid`, `password`, `legacy_password`
FROM `user`
WHERE (`email` = ? OR `username` = ? OR `nickname` = ?)
AND `blocked` = 0
*/
public static function hashPassword($password)
{
+ if (!trim($password)) {
+ throw new Exception(L10n::t('Password can\'t be empty'));
+ }
+
return password_hash($password, PASSWORD_DEFAULT);
}
'password' => $pasword_hashed,
'pwdreset' => null,
'pwdreset_time' => null,
+ 'legacy_password' => false
];
return dba::update('user', $fields, ['uid' => $uid]);
}
$confirm = x($data, 'confirm') ? trim($data['confirm']) : '';
$blocked = x($data, 'blocked') ? intval($data['blocked']) : 0;
$verified = x($data, 'verified') ? intval($data['verified']) : 0;
+ $language = x($data, 'language') ? notags(trim($data['language'])) : 'en';
$publish = x($data, 'profile_publish_reg') && intval($data['profile_publish_reg']) ? 1 : 0;
$netpublish = strlen(Config::get('system', 'directory')) ? $publish : 0;
$_SESSION['register'] = 1;
$_SESSION['openid'] = $openid_url;
- $openid = new LightOpenID;
+ $openid = new LightOpenID($a->get_hostname());
$openid->identity = $openid_url;
$openid->returnUrl = System::baseUrl() . '/openid';
$openid->required = ['namePerson/friendly', 'contact/email', 'namePerson'];
'sprvkey' => $sprvkey,
'verified' => $verified,
'blocked' => $blocked,
+ 'language' => $language,
'timezone' => 'UTC',
'register_date' => DateTimeFormat::utcNow(),
'default-location' => ''
projects / friendica.git / blobdiff