Commit 8e8e5b35 authored by Jesper Hvirring Henriksen's avatar Jesper Hvirring Henriksen

Merge pull request #1 from chrislewis60/no_separate_salt

Remove the separate salt. This should make it easier to integrate with later versions of Devise.
parents 19cb2f94 ebf535fc
......@@ -30,9 +30,6 @@ Options
`hash_column`
: The column storing password hashes.
`salt_column`
: The column storing password salts.
Examples
--------
......@@ -45,7 +42,6 @@ Example - MySQL server:
'username' => 'userdb',
'password' => 'secretpassword',
'hash_column' => 'password_hash',
'salt_column' => 'password_salt'
'query' => 'SELECT username AS uid, name AS cn, email AS mail, password_hash, password_salt FROM users WHERE username = :username',
'query' => 'SELECT username AS uid, name AS cn, email AS mail, password_hash FROM users WHERE username = :username',
'pepper' => '0474f00f7823ade7d10d6797b4ceb591672c3440d92537309cedfc383a98209daf6755c043deb92936797cf74859e6924d0b395a0309950be364928188c7cf0f',
),
......@@ -52,13 +52,6 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
*/
private $hash_column;
/**
* The column holding the password salt.
*/
private $salt_column;
/**
* Constructor for this authentication source.
*
......@@ -93,7 +86,6 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
$this->query = $config['query'];
$this->pepper = $config['pepper'];
$this->hash_column = $config['hash_column'];
$this->salt_column = $config['salt_column'];
}
......@@ -184,9 +176,8 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
/* Validate stored password hash (must be in first row of resultset) */
$password_hash = $data[0][$this->hash_column];
$password_salt = $data[0][$this->salt_column];
if ($password_hash !== crypt($password.$this->pepper, $password_salt)) {
if ($password_hash !== crypt($password.$this->pepper, $password_hash)) {
/* Invalid password */
SimpleSAML_Logger::error('sqlauthBcrypt:' . $this->authId .
': Hash does not match. Wrong password or sqlauthBcrypt is misconfigured.');
......@@ -205,8 +196,8 @@ class sspmod_sqlauthBcrypt_Auth_Source_SQL extends sspmod_core_Auth_UserPassBase
continue;
}
if ($name === $this->hash_column || $name === $this->salt_column) {
/* Don't add password hash and salt to attributes */
if ($name === $this->hash_column) {
/* Don't add password hash to attributes */
continue;
}
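Review bot: The check on the new line `if ($password_hash !== crypt($password.$this->pepper, $password_hash))` compares the hashes with `!==`, which is not constant-time, and it lets the stored value choose the scheme, so a legacy DES or MD5 crypt string in `hash_column` would apparently still verify in a module meant for bcrypt. If the supported PHP version allows it, `if (!is_string($password_hash) || !password_verify($password.$this->pepper, $password_hash)) {` performs the same crypt() call with a timing-safe comparison and keeps a NULL column value from reaching it; a check that the stored value starts with `$2` would pin the scheme. Separately, the attribute loop now skips only `hash_column`, so a deployment that keeps the old README query (which selects `password_salt`) would start exporting that column as a user attribute; an upgrade note or a comment such as `/* Queries must no longer select the salt column; it is not filtered here */` would make that explicit. Both functions start and end outside the visible hunks.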
......