# HG changeset patch # User Waqas Hussain # Date 1315763615 -18000 # Node ID 816d8e3e83a3242578b3af0f210445e23ba48055 # Parent eaafb38daa5e19235db017079424d0a0d1a30f5b mod_auth_phpbb3: A little refactoring. diff -r eaafb38daa5e -r 816d8e3e83a3 mod_auth_phpbb3/mod_auth_phpbb3.lua --- a/mod_auth_phpbb3/mod_auth_phpbb3.lua Sat Sep 10 22:37:18 2011 +0500 +++ b/mod_auth_phpbb3/mod_auth_phpbb3.lua Sun Sep 11 22:53:35 2011 +0500 @@ -88,8 +88,8 @@ end end + local itoa64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; - local function hashEncode64(input, count) local output = ""; local i, value = 0, 0; @@ -162,9 +162,10 @@ return output; end local function phpbbCheckHash(password, hash) + if #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash return #hash == 34 and hashCryptPrivate(password, hash) == hash; end -local function phpbbHash(password) +local function phpbbCreateHash(password) local random = uuid_gen():sub(-6); local salt = hashGensaltPrivate(random); local hash = hashCryptPrivate(password, salt); @@ -176,9 +177,7 @@ provider = { name = "phpbb3" }; function provider.test_password(username, password) - --module:log("debug", "test_password '%s' for user %s", tostring(password), tostring(username)); local hash = get_password(username); - if hash and #hash == 32 then return hash == md5(password, true); end -- legacy PHPBB2 hash return hash and phpbbCheckHash(password, hash); end function provider.user_exists(username) @@ -190,7 +189,7 @@ return nil, "Getting password is not supported."; end function provider.set_password(username, password) - local hash = phpbbHash(password); + local hash = phpbbCreateHash(password); local stmt, err = setsql("UPDATE `phpbb_users` SET `user_password`=? WHERE `username`=?", hash, username); return stmt and true, err; end