BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly (from r97357)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102443 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2010-04-12 05:01:31 +00:00
parent d2e310a773
commit f400c28099
2 changed files with 20 additions and 5 deletions

View File

@ -161,7 +161,7 @@ class PasswordEncryptor_PHPHash extends PasswordEncryptor {
*/
class PasswordEncryptor_LegacyPHPHash extends PasswordEncryptor_PHPHash {
function encrypt($password, $salt = null, $member = null) {
$password = parent::encrypt($password . $salt, $member, $salt);
$password = parent::encrypt($password, $salt, $member);
// Legacy fix: This shortening logic is producing unpredictable results.
//

View File

@ -9,13 +9,16 @@ class MemberAuthenticatorTest extends SapphireTest {
function testLegacyPasswordHashMigrationUponLogin() {
$member = new Member();
$member->Email = 'test@test.com';
$field=Member::get_unique_identifier_field();
$member->$field = 'test@test.com';
$member->PasswordEncryption = "sha1";
$member->Password = "mypassword";
$member->write();
$data = array(
'Email' => $member->Email,
'Email' => $member->$field,
'Password' => 'mypassword'
);
MemberAuthenticator::authenticate($data);
@ -29,14 +32,16 @@ class MemberAuthenticatorTest extends SapphireTest {
function testNoLegacyPasswordHashMigrationOnIncompatibleAlgorithm() {
PasswordEncryptor::register('crc32', 'PasswordEncryptor_PHPHash("crc32")');
$field=Member::get_unique_identifier_field();
$member = new Member();
$member->Email = 'test@test.com';
$member->$field = 'test@test.com';
$member->PasswordEncryption = "crc32";
$member->Password = "mypassword";
$member->write();
$data = array(
'Email' => $member->Email,
'Email' => $member->$field,
'Password' => 'mypassword'
);
MemberAuthenticator::authenticate($data);
@ -46,4 +51,14 @@ class MemberAuthenticatorTest extends SapphireTest {
$result = $member->checkPassword('mypassword');
$this->assertTrue($result->valid());
}
function testCustomIdentifierField(){
Member::set_unique_identifier_field('Username');
$label=singleton('Member')->fieldLabel(Member::get_unique_identifier_field());
$this->assertEquals($label, 'Username');
}
}