password_verify() with generated hash from Myth-auth returns false - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28) +--- Forum: CodeIgniter 4 Discussion (https://forum.codeigniter.com/forumdisplay.php?fid=31) +--- Thread: password_verify() with generated hash from Myth-auth returns false (/showthread.php?tid=79158) |
password_verify() with generated hash from Myth-auth returns false - sherlyid - 04-30-2021 I know that Myth-auth is not stable yet, but it's okay that's not my point. I want to make a change password feature so I wrote this in my controller: Code: $oldPass=$this->request->getPost('oldPass'); I don't know what's wrong with my code, but it returns false a4 so I checked again using a hardcoded password like this: Code: $check=password_verify('bayusetiaji14', user()->password_hash); but it's still returning false, is this a Myth-auth bug when hashing password or anything else? RE: password_verify() with generated hash from Myth-auth returns false - iRedds - 04-30-2021 use base64_encode(hash('sha384', $password, true)) to wrap the password before validation RE: password_verify() with generated hash from Myth-auth returns false - jonathanoeijoeng - 01-14-2022 (04-30-2021, 03:57 PM)iRedds Wrote: use base64_encode(hash('sha384', $password, true)) to wrap the password before validationthis is worked but after successfully change with new password, I cannot login again. What hash does myth auth using ? RE: password_verify() with generated hash from Myth-auth returns false - superior - 01-15-2022 I've used the Entity class itself, this way the password is stored like MythAuth does. see: https://github.com/lonnieezell/myth-auth/blob/develop/src/Entities/User.php#L55 |