[TYPO3-dev] Authenticating BE User correctly
Kay Strobach
typo3 at kay-strobach.de
Wed Feb 15 16:30:27 CET 2012
Hello guys,
perhaps you know my webdav extension EXT:webdav.
During the last day i found, that it's incompatible to saltedpasswords :(
I do currently authenticate users with the following code:
$BE_USER->setBeUserByName($result[0]);
if (!$result || md5($result[1])!=$BE_USER->user['password']) {
Which assumes, that the user has an md5 encrypted password stored in the
database. How is the correct way of authenticating a user with known
plaintext password (http basic auth) independent of the use of any
salting extension?!
Is $BE_USER->processLoginData the right function?
Thanks
Kay
--
http://www.kay-strobach.de - Open Source Rocks
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
Answere was usefull: https://flattr.com/profile/kaystrobach
More information about the TYPO3-dev
mailing list