From 6359259dbb1e8d5b569f569a7089abffd9259d30 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Mon, 1 Mar 2021 15:24:18 +0300 Subject: simplify internal authentication code and bump default algo to SSHA-512 --- classes/pref/prefs.php | 24 +++--------------------- 1 file changed, 3 insertions(+), 21 deletions(-) (limited to 'classes/pref/prefs.php') diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php index 5fe4f1bbf..f61f0f038 100644 --- a/classes/pref/prefs.php +++ b/classes/pref/prefs.php @@ -1038,19 +1038,6 @@ class Pref_Prefs extends Handler_Protected { } } - static function _is_default_password() { - $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); - - if ($authenticator && - method_exists($authenticator, "check_password") && - $authenticator->check_password($_SESSION["uid"], "password")) { - - return true; - } - - return false; - } - function otpdisable() { $password = clean($_REQUEST["password"]); @@ -1404,12 +1391,6 @@ class Pref_Prefs extends Handler_Protected { _encrypt_app_password($new_password); + $new_salt = UserHelper::get_salt(); + $new_password_hash = UserHelper::hash_password($new_password, $new_salt, UserHelper::HASH_ALGOS[0]); print_warning(T_sprintf("Generated password %s for %s. Please remember it for future reference.", $new_password, $title)); @@ -1432,7 +1414,7 @@ class Pref_Prefs extends Handler_Protected { VALUES (?, ?, ?, NOW(), ?)"); - $sth->execute([$title, $new_password_hash, Auth_Base::AUTH_SERVICE_API, $_SESSION['uid']]); + $sth->execute([$title, "$new_password_hash:$new_salt", Auth_Base::AUTH_SERVICE_API, $_SESSION['uid']]); $this->appPasswordList(); } -- cgit v1.2.3-54-g00ecf