Cadoles
/
hydra-sql
21
0
Fork 0
Code Issues 4 Pull Requests 1 Projects Releases Wiki Activity

fix verify password methode ssha
Cadoles/hydra-sql/pipeline/pr-develop Build started... Details
Cadoles/hydra-sql/pipeline/head This commit looks good Details

This commit is contained in:
Rudy Masson 2023-01-11 10:30:24 +01:00
parent 4b360cc2a0
commit 39829ca6a1
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Security/Hasher/PasswordEncoder.php
View File

@ -47,8 +47,8 @@ class PasswordEncoder implements LegacyPasswordHasherInterface
$completedPassword = $this->getPasswordToHash($plainPassword, $salt); $completedPassword = $this->getPasswordToHash($plainPassword, $salt);
foreach ($this->hashAlgoLegacy as $algo) { foreach ($this->hashAlgoLegacy as $algo) {
if ('ssha' === $algo) { if ('ssha' === $algo && $this->compareSsha($hashedPassword, $completedPassword)) {
return $this->compareSsha($hashedPassword, $completedPassword); return true;
} }
if ($this->isObsoleteAlgo($algo)) { if ($this->isObsoleteAlgo($algo)) {
if (hash_equals(hash($algo, $completedPassword), $hashedPassword)) { if (hash_equals(hash($algo, $completedPassword), $hashedPassword)) {