[TYPO3-dev] Authenticating BE User correctly
Kay Strobach
typo3 at kay-strobach.de
Thu Feb 16 10:39:10 CET 2012
Hello Georg,
to work also with saltedpasswords disabled, i changed the code to the
following one:
private function checkUserCredentials(array $userRecord, $password) {
if(t3lib_extMgm::isLoaded('saltedpasswords', false)) {
t3lib_div::requireOnce(t3lib_extMgm::extPath('saltedpasswords',
'classes/salts/class.tx_saltedpasswords_salts_factory.php'));
$this->objInstanceSaltedPW =
tx_saltedpasswords_salts_factory::getSaltingInstance($userRecord['password'],
'BE');
if (is_object($this->objInstanceSaltedPW)) {
return $this->objInstanceSaltedPW->checkPassword($password,
$userRecord['password']);
}
}
return md5($password) == $userRecord['password'];
}
Regards
Kay
Am 15.02.2012 16:37, schrieb Georg Ringer:
> Am 15.02.2012 16:37, schrieb Georg Ringer:
>> Hi,
>>
>> this is for FE but should be same for BE when you change FE to BE ;)
>
> /**
> * Check password of user with a given one
> *
> * @param array $userRecord
> * @param string $password
> * @return boolean
> */
> private function compareUserRecordWithPassword(array $userRecord,
> $password) {
> t3lib_div::requireOnce(t3lib_extMgm::extPath('saltedpasswords',
> 'classes/salts/class.tx_saltedpasswords_salts_factory.php'));
>
> $this->objInstanceSaltedPW =
> tx_saltedpasswords_salts_factory::getSaltingInstance($userRecord['password'],
> 'FE');
> if (!is_object($this->objInstanceSaltedPW)) {
> $isValid = md5($password) == $userRecord['password'];
> return $isValid;
> #throw new Exception ('No Password-Factory found');
> }
> $validPassword = $this->objInstanceSaltedPW->checkPassword($password,
> $userRecord['password']);
> return $validPassword;
> }
--
http://www.kay-strobach.de - Open Source Rocks
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
Answere was usefull: https://flattr.com/profile/kaystrobach
More information about the TYPO3-dev
mailing list