tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-07-03 01:49:37 +02:00
Code Issues Projects Releases Wiki Activity

BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@97357 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Geoff Munn 2010-01-21 03:51:13 +00:00 committed by Sam Minnee
parent 597108989e
commit 81d775f06f
2 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
security/PasswordEncryptor.php
View File

@ -161,7 +161,7 @@ class PasswordEncryptor_PHPHash extends PasswordEncryptor {
*/
class PasswordEncryptor_LegacyPHPHash extends PasswordEncryptor_PHPHash {
function encrypt($password, $salt = null, $member = null) {
$password = parent::encrypt($password . $salt, $member, $salt);
$password = parent::encrypt($password, $salt, $member);
// Legacy fix: This shortening logic is producing unpredictable results.
//

23
tests/security/MemberAuthenticatorTest.php
View File

@ -6,13 +6,16 @@
class MemberAuthenticatorTest extends SapphireTest {
function testLegacyPasswordHashMigrationUponLogin() {
$member = new Member();
$member->Email = 'test@test.com';
$field=Member::get_unique_identifier_field();
$member->$field = 'test@test.com';
$member->PasswordEncryption = "sha1";
$member->Password = "mypassword";
$member->write();
$data = array(
'Email' => $member->Email,
'Email' => $member->$field,
'Password' => 'mypassword'
);
MemberAuthenticator::authenticate($data);
@ -25,14 +28,16 @@ class MemberAuthenticatorTest extends SapphireTest {
function testNoLegacyPasswordHashMigrationOnIncompatibleAlgorithm() {
PasswordEncryptor::register('crc32', 'PasswordEncryptor_PHPHash("crc32")');
$field=Member::get_unique_identifier_field();
$member = new Member();
$member->Email = 'test@test.com';
$member->$field = 'test@test.com';
$member->PasswordEncryption = "crc32";
$member->Password = "mypassword";
$member->write();
$data = array(
'Email' => $member->Email,
'Email' => $member->$field,
'Password' => 'mypassword'
);
MemberAuthenticator::authenticate($data);
@ -41,4 +46,14 @@ class MemberAuthenticatorTest extends SapphireTest {
$this->assertEquals($member->PasswordEncryption, "crc32");
$this->assertTrue($member->checkPassword('mypassword'));
}
function testCustomIdentifierField(){
Member::set_unique_identifier_field('Username');
$label=singleton('Member')->fieldLabel(Member::get_unique_identifier_field());
$this->assertEquals($label, 'Username');
}
}