[eluser]RayGarrison[/eluser]
[quote author="RayGarrison" date="1299317339"]Didn't see this in previous pages of topic, if it's been answered I apologise.
documentation warns that encryption routine used precludes moving application to a new server, as you can't dump/reload the database because encryption generates different hash on different systems. Docs say this is configurable. I have scoured files and don't see anyplace where I can control this behavior. If I know that I will be moving my application to a new server in the future, how do I configure the encryption algorithm such that I can port my user database to a new server without asking everyone to reset their passwords?[/quote] Have a look in config/tank_auth:
Code:
/*
|--------------------------------------------------------------------------
| Security settings
|
| The library uses PasswordHash library for operating with hashed passwords.
| 'phpass_hash_portable' = Can passwords be dumped and exported to another server. If set to FALSE then you won't be able to use this database on another server.
| 'phpass_hash_strength' = Password hash strength.
|--------------------------------------------------------------------------
*/
$config['phpass_hash_portable'] = FALSE;
$config['phpass_hash_strength'] = 8;
[/quote]
Thanks for the reply. The version of Tank_auth that I downloaded on February 5th did not include a security section in the config file. I thought that was the most recent version, guess I was wrong. I just downloaded the newest ZIP file, and the security section is in the config file. Color me puzzled.