The getCryptedPassword gives the salt value in the result if the encryption is sha256 or if the encryption is bcrypt (default value) and the use of strong encryption is set.
So in the processResetComplete function, if the code is:
$password = $crypted . ':' . $salt;
The salt value is set a second time when the encryption is sha256 or bcrypt, and the user cannot connect with his new password. A simple solution is to replace the line above with this line:
$password = (strpos($crypted, ':') > 0) ? $crypted : $crypted . ':' .$salt;
The processResetComplete function should also set the encryption param for the getCryptedPassword function.
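The double-salt failure described in the post above, as an added example that is not part of the original post or of Joomla's code. The names demo_crypt, demo_verify, store_before and store_after are hypothetical stand-ins, the sha256 "hash:salt" layout is a simplified assumption, and the salt and password are constructed sample values.

```php
<?php
// Hypothetical stand-in for a hasher that already returns "hash:salt",
// as the post describes for the sha256 case.
function demo_crypt(string $plain, string $salt): string
{
    return hash('sha256', $plain . $salt) . ':' . $salt;
}

// Hypothetical verifier for the "hash:salt" storage format: everything
// after the first ':' is treated as the salt.
function demo_verify(string $plain, string $stored): bool
{
    $parts = explode(':', $stored, 2);
    if (count($parts) !== 2) {
        return false;
    }
    list($hash, $salt) = $parts;
    return hash_equals($hash, hash('sha256', $plain . $salt));
}

// The line quoted first in the post: the salt is always appended.
function store_before(string $crypted, string $salt): string
{
    return $crypted . ':' . $salt;
}

// The replacement line proposed in the post: append only when no salt is present.
function store_after(string $crypted, string $salt): string
{
    return (strpos($crypted, ':') > 0) ? $crypted : $crypted . ':' . $salt;
}

$salt    = 'constructedSalt0123456789abcdef'; // constructed sample value
$plain   = 'new-password';                    // constructed sample value
$crypted = demo_crypt($plain, $salt);

foreach (['before' => 'store_before', 'after' => 'store_after'] as $label => $fn) {
    $stored = $fn($crypted, $salt);
    printf(
        "%-6s separators=%d login_ok=%s\n",
        $label,
        substr_count($stored, ':'),
        var_export(demo_verify($plain, $stored), true)
    );
}

// A hasher that returns a bare hash (no ':') still gets the salt appended.
echo store_after(md5($plain . $salt), $salt), "\n";
```

A stored value with more than one separator after a password reset is the symptom to look for when checking whether accounts were affected.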
Status | New | ⇒ | Closed |
Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2013-12-05 19:10:10 |
Hi Hannes,
Thank you for your trust, and of course I will test the PR.
Thank you for your contribution. Since there were more issues with the bcrypt implementation, we have a much bigger PR that fixes this and other issues. See #2589. I would be very happy if you could help test this one.
Since #2589 supersedes this PR, I'd like to ask to close this one.