From 21dd4864dda1c666ce4adfd29b40e70f70782963 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Fri, 1 Apr 2016 23:21:37 +0200 Subject: Support rehashing of passwords not conforming to config Signed-off-by: Florian Pritz --- application/libraries/Duser/drivers/Duser_db.php | 1 + application/models/muser.php | 6 ++++++ 2 files changed, 7 insertions(+) (limited to 'application') diff --git a/application/libraries/Duser/drivers/Duser_db.php b/application/libraries/Duser/drivers/Duser_db.php index 102d98023..1144f40f2 100644 --- a/application/libraries/Duser/drivers/Duser_db.php +++ b/application/libraries/Duser/drivers/Duser_db.php @@ -33,6 +33,7 @@ class Duser_db extends Duser_Driver { } if (password_verify($password, $query['password'])) { + $CI->muser->rehash_password($query['id'], $password, $query['password']); return array( "username" => $username, "userid" => $query["id"] diff --git a/application/models/muser.php b/application/models/muser.php index 8cdc91e6d..c30867e6a 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -252,6 +252,12 @@ class Muser extends CI_Model { )); } + public function rehash_password($userid, $password, $hash) { + if (password_needs_rehash($hash, $this->hashalgo, $this->hashoptions)) { + $this->set_password($userid, $password); + } + } + public function get_upload_id_limits() { $userid = $this->get_userid(); -- cgit v1.2.3-24-g4f1b