/** * Attempt to login against a migrated hash. If successful, * replace the existing password hash with an encrypted hash * of the original password. * * @param HiddenString $password * @param HiddenString $passwordHash * @param array $userData * @return bool * @throws SecurityAlert */ public function migrateImportedHash(HiddenString $password, HiddenString $passwordHash, array $userData = []) : bool { if (!isset($userData['migration']['type'])) { throw new SecurityAlert(\__('No migration type registered.')); } $migration = Gadgets::loadMigration($userData['migration']['type']); $migration->setPasswordKey($this->key); $table = $this->db->escapeIdentifier($this->tableConfig['table']['accounts']); if ($migration->validate($password, $passwordHash, $userData['migration'])) { $this->db->beginTransaction(); // We now know the plaintext. Let's replace their password. $this->db->update($table, ['password' => Password::hash($password->getString(), $this->key), 'migration' => null], ['userId' => $userData['userid']]); return $this->db->commit(); } return false; }