mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use new hashing API for OC_User_Database 

This will use the new Hashing API for OC_User_Database and migrate old passwords upon initial login of the user.
This commit is contained in:
Lukas Reschke 2014-11-06 15:42:06 +01:00
parent 2090e9b620
commit c4d7483a0a
1 changed files with 7 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
lib/private/user/database.php
View File

@ -33,28 +33,12 @@
*
*/
require_once 'phpass/PasswordHash.php';
/**
* Class for user management in a SQL Database (e.g. MySQL, SQLite)
*/
class OC_User_Database extends OC_User_Backend {
/**
* @var PasswordHash
*/
private static $hasher = null;
private $cache = array();
private function getHasher() {
if (!self::$hasher) {
//we don't want to use DES based crypt(), since it doesn't return a hash with a recognisable prefix
$forcePortable = (CRYPT_BLOWFISH != 1);
self::$hasher = new PasswordHash(8, $forcePortable);
}
return self::$hasher;
}
/**
* Create a new user
* @param string $uid The username of the user to create
@ -66,10 +50,8 @@ class OC_User_Database extends OC_User_Backend {
*/
public function createUser($uid, $password) {
if (!$this->userExists($uid)) {
$hasher = $this->getHasher();
$hash = $hasher->HashPassword($password . OC_Config::getValue('passwordsalt', ''));
$query = OC_DB::prepare('INSERT INTO `*PREFIX*users` ( `uid`, `password` ) VALUES( ?, ? )');
$result = $query->execute(array($uid, $hash));
$result = $query->execute(array($uid, \OC::$server->getHasher()->hash($password)));
return $result ? true : false;
}
@ -106,10 +88,8 @@ class OC_User_Database extends OC_User_Backend {
*/
public function setPassword($uid, $password) {
if ($this->userExists($uid)) {
$hasher = $this->getHasher();
$hash = $hasher->HashPassword($password . OC_Config::getValue('passwordsalt', ''));
$query = OC_DB::prepare('UPDATE `*PREFIX*users` SET `password` = ? WHERE `uid` = ?');
$result = $query->execute(array($hash, $uid));
$result = $query->execute(array(\OC::$server->getHasher()->hash($password), $uid));
return $result ? true : false;
}
@ -159,7 +139,6 @@ class OC_User_Database extends OC_User_Backend {
. ' WHERE LOWER(`displayname`) LIKE LOWER(?) OR '
. 'LOWER(`uid`) LIKE LOWER(?) ORDER BY `uid` ASC', $limit, $offset);
$result = $query->execute(array('%' . $search . '%', '%' . $search . '%'));
$users = array();
while ($row = $result->fetchRow()) {
$displayNames[$row['uid']] = $row['displayname'];
}
@ -183,18 +162,14 @@ class OC_User_Database extends OC_User_Backend {
$row = $result->fetchRow();
if ($row) {
$storedHash = $row['password'];
if ($storedHash[0] === '$') { //the new phpass based hashing
$hasher = $this->getHasher();
if ($hasher->CheckPassword($password . OC_Config::getValue('passwordsalt', ''), $storedHash)) {
return $row['uid'];
$newHash = '';
if(\OC::$server->getHasher()->verify($password, $storedHash, $newHash)) {
if(!empty($newHash)) {
$this->setPassword($uid, $password);
}
//old sha1 based hashing
} elseif (sha1($password) === $storedHash) {
//upgrade to new hashing
$this->setPassword($row['uid'], $password);
return $row['uid'];
}
}
return false;