I did kind of investigation by myself.
I can see CB uses new Joomla "Portable PHP password hashing framework"
functionality to crypt password. I noticed CB run on joomla 3.2.1,
while my other site is on Joomla 2
Anyway at the end of pasword cryption chain there is a function
hashPassword and verifyPassword in libraries/joomla/user/helper.php
abstract class JUserHelper
public static function hashPassword($password)
{
// Use PHPass's portable hashes with a cost of 10.
$phpass = new PasswordHash(10, true);
return $phpass->HashPassword($password);
}
public static function verifyPassword($password, $hash, $user_id =
0)
{
$rehash = false;
$match = false;
// If we are using phpass
if (strpos($hash, '$P$') === 0)
{
// Use PHPass's portable hashes with a cost of 10.
$phpass = new PasswordHash(10, true);
$match = $phpass->CheckPassword($password, $hash);
$rehash = false;
}
Indeed all my passwords starts with "$P$"
Whole algorithm to crypt CB/Joomla3.2.1 password is in file
libraries/phpass/PasswordHash.php
Question now is how to transform it to web2py CUSTOMER validator. I'll need
your help
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
