
update: support md5 with sha256

tokumeikoi 3 years ago
parent
commit
0374a03892

+ 1 - 0
app/Http/Controllers/Passport/AuthController.php

@@ -125,6 +125,7 @@ class AuthController extends Controller
         }
         if (!Helper::multiPasswordVerify(
             $user->password_algo,
+            $user->password_salt,
             $password,
             $user->password)
         ) {

+ 1 - 0
app/Http/Controllers/User/UserController.php

@@ -35,6 +35,7 @@ class UserController extends Controller
         }
         if (!Helper::multiPasswordVerify(
             $user->password_algo,
+            $user->password_salt,
             $request->input('old_password'),
             $user->password)
         ) {

+ 2 - 2
app/Utils/Helper.php

@@ -64,12 +64,12 @@ class Helper
         return $str;
     }
 
-    public static function multiPasswordVerify($algo, $password, $hash)
+    public static function multiPasswordVerify($algo, $salt, $password, $hash)
     {
         switch($algo) {
             case 'md5': return md5($password) === $hash;
             case 'sha256': return hash('sha256', $password) === $hash;
-            case 'mws': return md5(hash('sha256', $password)) === $hash;
+            case 'mws': return md5($password . $salt) === $hash;
             default: return password_verify($password, $hash);
         }
     }
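Review bot: The new `mws` branch checks a single-round salted MD5 with `===`, which is not a constant-time comparison; `case 'mws': return hash_equals($hash, md5($password . (string) $salt));` avoids that, and the `md5` and `sha256` context lines above it follow the same pattern. The branch also redefines `mws` from `md5(hash('sha256', $password))` to `md5($password . $salt)`, so any row already stored under the old meaning would stop verifying; if such rows can exist, a separate algo name would keep both working. Because `password_salt` is nullable, a null salt silently reduces this branch to unsalted MD5. Salted MD5 is cheap to brute-force offline, so if the login path in AuthController does not already do it (not visible in these hunks), a successful legacy verify is the place to rehash with `password_hash()` and clear `password_algo` and `password_salt`. A short docblock on `multiPasswordVerify` stating that only `mws` reads `$salt` would also help the next caller.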

+ 2 - 1
database/install.sql

@@ -323,6 +323,7 @@ CREATE TABLE `v2_user` (
                            `email` varchar(64) NOT NULL,
                            `password` varchar(64) NOT NULL,
                            `password_algo` char(10) DEFAULT NULL,
+                           `password_salt` char(10) DEFAULT NULL,
                            `balance` int(11) NOT NULL DEFAULT '0',
                            `discount` int(11) DEFAULT NULL,
                            `commission_type` tinyint(4) NOT NULL DEFAULT '0' COMMENT '0: system 1: cycle 2: onetime',
@@ -352,4 +353,4 @@ CREATE TABLE `v2_user` (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 
--- 2021-08-28 06:53:57
+-- 2021-09-14 04:09:49

+ 2 - 0
database/update.sql

@@ -439,3 +439,5 @@ ALTER TABLE `v2_ticket_message`
 ALTER TABLE `v2_coupon`
     ADD `limit_use_with_user` int(11) NULL AFTER `limit_use`;
 
+ALTER TABLE `v2_user`
+    ADD `password_salt` char(10) COLLATE 'utf8_general_ci' NULL AFTER `password_algo`;
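Review bot: The new `password_salt` column has no column comment, and nothing in the schema records that only the `mws` branch of `Helper::multiPasswordVerify` reads it; something like `COMMENT 'salt for legacy mws (md5) hashes only'` would document that, here and on the matching line in database/install.sql. `char(10)` also caps the salt at ten characters, so a longer salt from imported data would be truncated or rejected depending on the SQL mode, and the stored hash would then never verify. It is worth confirming the width against the system these hashes come from.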