Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
Posted May 4, 20168 yr Hi. I have been trying to figure out how to make the forum use my main site's login system, but I find it hard to guess how the things works... My main site has unique salts for every user, so it's not enough to just change/add a hash algorithm to the external file. So what I am trying to ask is, how do I run a query for the salt in my external database? What I have come up with until now is the in attached image file, but in short I have tried to modify the encryptPassword method a little. I am not quite sure the select statement should use these details...
May 4, 20168 yr Are you passing a value to $login_auth? By default, that method does not have that parameter - it only accepts a password, and is sent through via authenticate(). /* If the password doesn't match, throw an exception */ if ( !\IPS\Login::compareHashes( $this->encryptedPassword( $values['password'] ), $result[ $this->settings['db_col_pass'] ] ) ) If you're adding a secondary parameter, make sure you're passing the correct value in here as well.
May 4, 20168 yr Author 13 minutes ago, Ryan Ashbrook said: Are you passing a value to $login_auth? By default, that method does not have that parameter - it only accepts a password, and is sent through via authenticate(). /* If the password doesn't match, throw an exception */ if ( !\IPS\Login::compareHashes( $this->encryptedPassword( $values['password'] ), $result[ $this->settings['db_col_pass'] ] ) ) If you're adding a secondary parameter, make sure you're passing the correct value in here as well. No, I am trying to check if they filled out an email, and then uses the email to find the salt from the user they are trying to login as. The salts are unique on a per user basis, so I would need to find the user to encrypt the password correctly for the hash check to work. So what I really want to know is, how do I run a select statement like: SELECT salt FROM users WHERE email = ? And after that I want to take the salt result from the statement.
May 6, 20168 yr Author On 4/5/2016 at 7:22 PM, Ryan Ashbrook said: Are you passing a value to $login_auth? By default, that method does not have that parameter - it only accepts a password, and is sent through via authenticate(). /* If the password doesn't match, throw an exception */ if ( !\IPS\Login::compareHashes( $this->encryptedPassword( $values['password'] ), $result[ $this->settings['db_col_pass'] ] ) ) If you're adding a secondary parameter, make sure you're passing the correct value in here as well. Sorry... Didn't read the last line you wrote... I have made a small modification of that line, so it looks like it does on the picture. My primary problem is, that I don't know how to write a simple SQL statement (selecting the salt from the db) with your Framework.
May 6, 20168 yr You can use this: \IPS\Db::i()->select( ... ); Look at the function phpdoc for more details
May 9, 20168 yr Author On 6/5/2016 at 3:03 PM, teraßyte said: You can use this: \IPS\Db::i()->select( ... ); Look at the function phpdoc for more details Thanks for the suggestion, but I think I might just drop this, as it doesn't seem possible with the current amount of help available and time it would require to make this work, not even taking the inconvenience of updates into considerations, as they apparently check if the files have been modified manually and won't allow update if they have been.
May 24, 20168 yr Are you creating a login handler, or are you modifying core files? You should never modify core files. Use a hook or add a custom login handler. If the modification is done properly, upgrades shouldn't cause you any problems unless the upgrade changes something you're hooking into.
Archived
This topic is now archived and is closed to further replies.