Welcome Guest, Not a member yet? Register   Sign In
password_verify() with generated hash from Myth-auth returns false
#1

(This post was last modified: 05-03-2021, 11:20 AM by sherlyid.)

I know that Myth-auth is not stable yet, but it's okay that's not my point.

I want to make a change password feature so I wrote this in my controller:

Code:
$oldPass=$this->request->getPost('oldPass');
$check=password_verify($oldPass, user()->password_hash);

//Myth-auth has helper to get field data in database using user()->column_name function

var_dump($check);die;

I don't know what's wrong with my code, but it returns false a4

so I checked again using a hardcoded password like this:

Code:
$check=password_verify('bayusetiaji14', user()->password_hash);
//using double qoutes
$check2=password_verify("bayusetiaji14", user()->password_hash);

but it's still returning false, is this a Myth-auth bug when hashing password or anything else?
Reply
#2

(This post was last modified: 04-30-2021, 04:19 PM by iRedds.)

use base64_encode(hash('sha384', $password, true)) to wrap the password before validation
Reply
#3

(04-30-2021, 03:57 PM)iRedds Wrote: use base64_encode(hash('sha384', $password, true)) to wrap the password before validation
this is worked but after successfully change with new password, I cannot login again. What hash does myth auth using ?
Reply
#4

I've used the Entity class itself, this way the password is stored like MythAuth does.

see: https://github.com/lonnieezell/myth-auth...er.php#L55
Reply




Theme © iAndrew 2016 - Forum software by © MyBB