Joomla 3.4密码生成方法 [英] Joomla 3.4 password generation method
问题描述
所以这是我的输入密码:
测试
这是我作为Joomla数据库中的加密密码的输出:
$ 2y $ 10 $ XXrVok3 / 3Otqg6FmqFzUmObA.rLpLt.BswwSJ7d我发现这可能与BLOWFISH加密有关,但它需要其他东西(例如:生成的盐或数据库中的令牌,我可以找不到)
Joomla!使用 PhPass 。
root / libraries / phpass / PasswordHash.php
看看这里。你将在这里看到如何生成密码。
$ 2y 是默认(和首选)前缀 bcrypt哈希。至于代码,你需要查看 JUserHelper的 hashPassword 和 verifyPassword 方法来查看Joomla如何处理现在的事情。
某些推介 -
https://github.com /joomla/joomla-cms/blob/3.4.1/libraries/joomla/user/helper.php#L296-L387
https://docs.joomla.org/API15:JUserHelper/getCryptedPassword
https://docs.joomla.org/API15:JUserHelper/getSalt
查看链接,希望你能帮助你;)
I can't find out how Joomla encrypted passwords. My problem is that i want to make the exact method as Jommla does in a simple php page with a form and without any OOP method.
So this is my input as a password: test
and this is my output as an ancrypted password in Joomla database: $2y$10$XXrVok3/3Otqg6FmqFzUmObA.rLpLt.BswwSJ7d.iCPoGSJtcqSvm
I found out that it is maybe in connection with the BLOWFISH encrytion, but it needs something else (for example: generated salt or a token in the database which i couldn't find)
Joomla! uses PhPass.
root/libraries/phpass/PasswordHash.php
have a look here. you will see here how the password is generating.
The $2y is the default (and preferred) prefix on bcrypt hashes. As for code, you'll want to look inside JUserHelper's hashPassword and verifyPassword methods to see how Joomla's working with things right now.
Some Referances -
https://github.com/joomla/joomla-cms/blob/3.4.1/libraries/joomla/user/helper.php#L296-L387
https://docs.joomla.org/API15:JUserHelper/getCryptedPassword
https://docs.joomla.org/API15:JUserHelper/getSalt
Check the links, I hope you it will help you ;)
这篇关于Joomla 3.4密码生成方法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
