Tobias Belling Christensen Posted May 4, 2016 Posted May 4, 2016 Hi. I have been trying to figure out how to make the forum use my main site's login system, but I find it hard to guess how the things works... My main site has unique salts for every user, so it's not enough to just change/add a hash algorithm to the external file. So what I am trying to ask is, how do I run a query for the salt in my external database? What I have come up with until now is the in attached image file, but in short I have tried to modify the encryptPassword method a little. I am not quite sure the select statement should use these details...
Ryan Ashbrook Posted May 4, 2016 Posted May 4, 2016 Are you passing a value to $login_auth? By default, that method does not have that parameter - it only accepts a password, and is sent through via authenticate(). /* If the password doesn't match, throw an exception */ if ( !\IPS\Login::compareHashes( $this->encryptedPassword( $values['password'] ), $result[ $this->settings['db_col_pass'] ] ) ) If you're adding a secondary parameter, make sure you're passing the correct value in here as well.
Tobias Belling Christensen Posted May 4, 2016 Author Posted May 4, 2016 13 minutes ago, Ryan Ashbrook said: Are you passing a value to $login_auth? By default, that method does not have that parameter - it only accepts a password, and is sent through via authenticate(). /* If the password doesn't match, throw an exception */ if ( !\IPS\Login::compareHashes( $this->encryptedPassword( $values['password'] ), $result[ $this->settings['db_col_pass'] ] ) ) If you're adding a secondary parameter, make sure you're passing the correct value in here as well. No, I am trying to check if they filled out an email, and then uses the email to find the salt from the user they are trying to login as. The salts are unique on a per user basis, so I would need to find the user to encrypt the password correctly for the hash check to work. So what I really want to know is, how do I run a select statement like: SELECT salt FROM users WHERE email = ? And after that I want to take the salt result from the statement.
Tobias Belling Christensen Posted May 6, 2016 Author Posted May 6, 2016 On 4/5/2016 at 7:22 PM, Ryan Ashbrook said: Are you passing a value to $login_auth? By default, that method does not have that parameter - it only accepts a password, and is sent through via authenticate(). /* If the password doesn't match, throw an exception */ if ( !\IPS\Login::compareHashes( $this->encryptedPassword( $values['password'] ), $result[ $this->settings['db_col_pass'] ] ) ) If you're adding a secondary parameter, make sure you're passing the correct value in here as well. Sorry... Didn't read the last line you wrote... I have made a small modification of that line, so it looks like it does on the picture. My primary problem is, that I don't know how to write a simple SQL statement (selecting the salt from the db) with your Framework.
teraßyte Posted May 6, 2016 Posted May 6, 2016 You can use this: \IPS\Db::i()->select( ... ); Look at the function phpdoc for more details
Tobias Belling Christensen Posted May 9, 2016 Author Posted May 9, 2016 On 6/5/2016 at 3:03 PM, teraßyte said: You can use this: \IPS\Db::i()->select( ... ); Look at the function phpdoc for more details Thanks for the suggestion, but I think I might just drop this, as it doesn't seem possible with the current amount of help available and time it would require to make this work, not even taking the inconvenience of updates into considerations, as they apparently check if the files have been modified manually and won't allow update if they have been.
Aiwa Posted May 24, 2016 Posted May 24, 2016 Are you creating a login handler, or are you modifying core files? You should never modify core files. Use a hook or add a custom login handler. If the modification is done properly, upgrades shouldn't cause you any problems unless the upgrade changes something you're hooking into.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.