+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28)
+--- Forum: CodeIgniter 4 Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=31)
+--- Thread: password_verify() with generated hash from Myth-auth returns false (/showthread.php?tid=79158)
password_verify() with generated hash from Myth-auth returns false - sherlyid - 04-30-2021
I know that Myth-auth is not stable yet, but it's okay that's not my point.
I want to make a change password feature so I wrote this in my controller:
Code:
$oldPass=$this->request->getPost('oldPass');
$check=password_verify($oldPass, user()->password_hash);
//Myth-auth has helper to get field data in database using user()->column_name function
var_dump($check);die;I don't know what's wrong with my code, but it returns false a4
so I checked again using a hardcoded password like this:
Code:
$check=password_verify('bayusetiaji14', user()->password_hash);
//using double qoutes
$check2=password_verify("bayusetiaji14", user()->password_hash);but it's still returning false, is this a Myth-auth bug when hashing password or anything else?
RE: password_verify() with generated hash from Myth-auth returns false - iRedds - 04-30-2021
use base64_encode(hash('sha384', $password, true)) to wrap the password before validation
RE: password_verify() with generated hash from Myth-auth returns false - jonathanoeijoeng - 01-14-2022
(04-30-2021, 03:57 PM)iRedds Wrote: use base64_encode(hash('sha384', $password, true)) to wrap the password before validationthis is worked but after successfully change with new password, I cannot login again. What hash does myth auth using ?
RE: password_verify() with generated hash from Myth-auth returns false - superior - 01-15-2022
I've used the Entity class itself, this way the password is stored like MythAuth does.
see: https://github.com/lonnieezell/myth-auth/blob/develop/src/Entities/User.php#L55