[TYPO3-dev] Getting clear text passwords in authentication service
Chris Müller
mueller at cyperfection.de
Mon May 6 07:42:29 CEST 2013
Hi Steffen,
thanks for your snippet. I tried it, but the key from "$storage->get()"
has the value "NULL". Is there something different in TYPO3 6.1?
Regards,
Chris.
Am 03.05.2013 18:35, schrieb Steffen Müller:
> Hi.
>
>
> /**
> * Decrypts a phrase if it was encrypted with routines from rsa_auth sysext
> *
> * @param $phrase
> * @return string
> */
> public function decrypt($phrase) {
> if ($GLOBALS['TSFE']->fe_user->security_level == 'rsa' &&
> t3lib_extMgm::isLoaded('rsaauth')) {
> require_once(t3lib_extMgm::extPath('rsaauth') .
> 'sv1/backends/class.tx_rsaauth_backendfactory.php');
> require_once(t3lib_extMgm::extPath('rsaauth') .
> 'sv1/storage/class.tx_rsaauth_storagefactory.php');
>
> $backend = tx_rsaauth_backendfactory::getBackend();
> $storage = tx_rsaauth_storagefactory::getStorage();
>
> // Preprocess the password
> $key = $storage->get();
> if ($key != NULL && substr($phrase, 0, 4) == 'rsa:') {
> // Decode password
> $phrase = $backend->decrypt($key, substr($phrase, 4));
> }
> }
>
> return $phrase;
> }
>
More information about the TYPO3-dev
mailing list