mirror of https://github.com/MISP/MISP
chg: [security] Use const hasher also for login
parent
0fc4698b60
commit
98b87d8987
|
@ -3,6 +3,7 @@ App::uses('ConnectionManager', 'Model');
|
|||
App::uses('Controller', 'Controller');
|
||||
App::uses('File', 'Utility');
|
||||
App::uses('RequestRearrangeTool', 'Tools');
|
||||
App::uses('BlowfishConstantPasswordHasher', 'Controller/Component/Auth');
|
||||
|
||||
/**
|
||||
* Application Controller
|
||||
|
@ -23,6 +24,10 @@ App::uses('RequestRearrangeTool', 'Tools');
|
|||
*/
|
||||
class AppController extends Controller
|
||||
{
|
||||
/**
|
||||
* @var string
|
||||
* @deprecated Use modelClass instead
|
||||
*/
|
||||
public $defaultModel = '';
|
||||
|
||||
public $helpers = array('OrgImg', 'FontAwesome', 'UserName', 'DataPathCollector');
|
||||
|
@ -56,14 +61,10 @@ class AppController extends Controller
|
|||
/** @var User */
|
||||
public $User;
|
||||
|
||||
public function __construct($id = false, $table = null, $ds = null)
|
||||
public function __construct($request = null, $response = null)
|
||||
{
|
||||
parent::__construct($id, $table, $ds);
|
||||
|
||||
$name = get_class($this);
|
||||
$name = str_replace('sController', '', $name);
|
||||
$name = str_replace('Controller', '', $name);
|
||||
$this->defaultModel = $name;
|
||||
parent::__construct($request, $response);
|
||||
$this->defaultModel = $this->modelClass;
|
||||
}
|
||||
|
||||
public $components = array(
|
||||
|
@ -72,7 +73,7 @@ class AppController extends Controller
|
|||
'authError' => 'Unauthorised access.',
|
||||
'authenticate' => array(
|
||||
'Form' => array(
|
||||
'passwordHasher' => 'Blowfish',
|
||||
'passwordHasher' => 'BlowfishConstant',
|
||||
'fields' => array(
|
||||
'username' => 'email'
|
||||
)
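Review bot: The `'passwordHasher' => 'BlowfishConstant'` entry in `$components` carries no comment explaining why the stock hasher is avoided, so a later cleanup could switch it back to `'Blowfish'` without noticing the security intent. A one-line comment above it would do, for example `// BlowfishConstantPasswordHasher: compares hashes with hash_equals(), do not revert to 'Blowfish'`. The `authenticate` array continues outside the hunk; if it configures adapters other than `Form`, they would presumably need the same setting, which cannot be checked from here.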
|
||||
|
|
|
@ -1,12 +1,15 @@
|
|||
<?php
|
||||
class BlowfishPasswordHasherConstant extends BlowfishPasswordHasher
|
||||
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
|
||||
|
||||
class BlowfishConstantPasswordHasher extends BlowfishPasswordHasher
|
||||
{
|
||||
/**
|
||||
* @param string $password
|
||||
* @param string $hashedPassword
|
||||
* @return bool
|
||||
*/
|
||||
public function check($password, $hashedPassword) {
|
||||
public function check($password, $hashedPassword)
|
||||
{
|
||||
return hash_equals($hashedPassword, Security::hash($password, 'blowfish', $hashedPassword));
|
||||
}
|
||||
}
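Review bot: `check()` hands `$hashedPassword` straight to `hash_equals()`, which accepts only strings, so a null or otherwise non-string stored value would raise a TypeError on PHP 8 instead of producing a failed login. Whether such a row can exist is not visible from this file, but a guard at the top of the method is cheap: `if (!is_string($hashedPassword)) { return false; }`. The docblock lists only the parameters; a sentence saying that the comparison is constant-time on purpose would stop the override from being removed as redundant.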
|
|
@ -22,7 +22,6 @@
|
|||
|
||||
App::uses('Model', 'Model');
|
||||
App::uses('LogableBehavior', 'Assets.models/behaviors');
|
||||
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
|
||||
App::uses('RandomTool', 'Tools');
|
||||
|
||||
class AppModel extends Model
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
App::uses('AppModel', 'Model');
|
||||
App::uses('RandomTool', 'Tools');
|
||||
App::uses('CidrTool', 'Tools');
|
||||
App::uses('BlowfishPasswordHasherConstant', 'Tools');
|
||||
App::uses('BlowfishConstantPasswordHasher', 'Controller/Component/Auth');
|
||||
|
||||
/**
|
||||
* @property User $User
|
||||
|
@ -332,6 +332,6 @@ class AuthKey extends AppModel
|
|||
*/
|
||||
private function getHasher()
|
||||
{
|
||||
return new BlowfishPasswordHasherConstant();
|
||||
return new BlowfishConstantPasswordHasher();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -4,7 +4,7 @@ App::uses('AuthComponent', 'Controller/Component');
|
|||
App::uses('RandomTool', 'Tools');
|
||||
App::uses('GpgTool', 'Tools');
|
||||
App::uses('SendEmail', 'Tools');
|
||||
App::uses('BlowfishPasswordHasherConstant', 'Tools');
|
||||
App::uses('BlowfishConstantPasswordHasher', 'Controller/Component/Auth');
|
||||
|
||||
/**
|
||||
* @property Log $Log
|
||||
|
@ -272,7 +272,7 @@ class User extends AppModel
|
|||
{
|
||||
$this->data[$this->alias]['date_modified'] = time();
|
||||
if (isset($this->data[$this->alias]['password'])) {
|
||||
$passwordHasher = new BlowfishPasswordHasher();
|
||||
$passwordHasher = new BlowfishConstantPasswordHasher();
|
||||
$this->data[$this->alias]['password'] = $passwordHasher->hash($this->data[$this->alias]['password']);
|
||||
}
|
||||
return true;
|
||||
|
@ -1009,7 +1009,7 @@ class User extends AppModel
|
|||
App::uses('SimplePasswordHasher', 'Controller/Component/Auth');
|
||||
$passwordHasher = new SimplePasswordHasher();
|
||||
} else {
|
||||
$passwordHasher = new BlowfishPasswordHasherConstant();
|
||||
$passwordHasher = new BlowfishConstantPasswordHasher();
|
||||
}
|
||||
$hashed = $passwordHasher->check($password, $currentUser['User']['password']);
|
||||
return $hashed;
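Review bot: The `SimplePasswordHasher` branch kept as context in the second hunk still uses that class's inherited `check()`, which in CakePHP 2 compares with `===`, so the constant-time comparison introduced by this commit applies only to the `else` branch. The condition selecting that branch and the enclosing method both start outside the hunk, so it is unclear how often it is reached. If it is still reachable, the comparison could be made explicit there, e.g. `$hashed = hash_equals($currentUser['User']['password'], $passwordHasher->hash($password));`, or a comment should state that the branch exists only for legacy hashes awaiting migration.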
|
||||
|
|