public function index2()
{
$this->load->helper('bcrypt_helper');
$pass = bcrypt_hash('mypassword');
echo $pass;
echo "<p>result:</p>";
if (bcrypt_check('mypassword', $pass) == true) {
echo "validation passed";
} else {
echo "didn't pass!";
}
}
* GNU Lesser General Public License along with OpenLSS.
* If not, see <http://www.gnu.org/licenses/>.
*/
use LSS\Account\Client;
use LSS\Account\ClientSession;
use LSS\Tpl;
use LSS\Url;
if (post('login')) {
try {
//get the client member
$client = Client::fetchByEmail(post('email'));
if (!$client) {
throw new Exception('Client member doesnt exist');
}
//check password
if (!bcrypt_check(post('password'), $client['password'])) {
throw new Exception('Password is invalid');
}
//generate token and setup session
$token = ClientSession::tokenCreate($client['client_id'], server('REMOTE_ADDR'), server('HTTP_USER_AGENT'));
ClientSession::startSession($token);
//update last login
Client::updateLastLogin($client['client_id']);
//redirect request
if (session('login_referrer') && strpos(session('login_referrer'), Url::login()) === false) {
redirect(session('login_referrer'));
} else {
redirect(Url::home());
}
} catch (Exception $e) {
alert($e->getMessage(), false);
public static final function auth($password, &$c)
{
//check password(s)
$auth = 0;
$auth += bcrypt_check($password, mda_get($c, 'contact_password')) ? 1 : 0;
$auth += mda_get($c, '__is_account') && bcrypt_check($password, mda_get($c, 'password')) ? 2 : 0;
$c['__auth'] = $auth;
//reprocess display vars, etc
self::addMacroFields($c);
return $auth;
}
function login($user, $pass)
{
$query = "SELECT * FROM users WHERE user_email = '{{user_email}}' LIMIT 0,1";
$result = $this->db->query($query, array('user_email' => $user));
if (!$result) {
return false;
}
// user / pass combo not found
$r = mysql_fetch_assoc($result);
if (!bcrypt_check($pass, $r['password'])) {
return false;
// pass doesn't match
}
// load usesr data
$return = array();
$return["user_ID"] = $this->cookie["user_ID"] = $r['user_ID'];
$return["company_ID"] = $this->cookie["company_ID"] = $r['company_ID'];
$return["user_name"] = $r['user_name'];
$return["password_timestamp"] = $r['password_timestamp'];
$this->cookie["user_level"] = $r['user_level'];
$this->load();
$this->save();
return $return;
}
public function testBcrypt()
{
$hash = bcrypt('password');
$this->assertTrue(bcrypt_check('password', $hash));
}
<?php
require "../lib.php";
if (g('username') === false || g('pass') === false || g('rememberme') === false) {
echo "ERR";
exit;
}
$user = g('username');
$pass = g('pass');
$r = redisLink();
$userid = $r->get("username:{$user}:id");
if (!$userid) {
echo "ERR";
exit;
}
if (bcrypt_check($pass, $r->get("uid:{$userid}:hashpass"))) {
$secret = $r->get("uid:{$userid}:auth");
if (gi('rememberme', 0) == 1) {
$now = time() + 3600 * 24 * 365;
setCookie("secret", $secret, $now, "/");
setCookie("secret", $secret, $now, "/", Config("domain"));
setCookie("secret", $secret, $now, "/", "." . Config("domain"));
} else {
// Just for this session.
setCookie("secret", $secret, 0, "/");
setCookie("secret", $secret, 0, "/", Config("domain"));
setCookie("secret", $secret, 0, "/", "." . Config("domain"));
}
echo "OK:AUTHENTICATED";
} else {
echo "ERR";