From 5e347e4efaa81c2108256dc927208cd55dc10baa Mon Sep 17 00:00:00 2001
From: Laria Carolin Chabowski
Date: Fri, 25 Sep 2020 23:09:31 +0200
Subject: Use password_hash() and friends to hash and verify passwords

Previously I rolled my own password hashing function. While it at least used some sort of salt, it's still a terrible idea. The newly created class PasswordHash wraps the password_hash() family of functions but can also check the old password hash format (to distinguish them, the new password hashes are prefixed with a '!'). In PasswordHash::needsRehash we then always report an hash of the old format as being in need of a rehash. That way, these old hashes will be replaced the next time the user successfully logs in.
---
 ratatoeskr/backend.php | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)
(limited to 'ratatoeskr/backend.php')
diff --git a/ratatoeskr/backend.php b/ratatoeskr/backend.php
index 12a57de..fefa817 100644
--- a/ratatoeskr/backend.php
+++ b/ratatoeskr/backend.php
@@ -15,9 +15,9 @@ use r7r\ste\Transcompiler;
 use r7r\ste\Parser;
 use r7r\cms\sys\Env;
 use r7r\cms\sys\Esc;
+use r7r\cms\sys\PasswordHash;
 require_once(dirname(__FILE__) . "/sys/models.php");
-require_once(dirname(__FILE__) . "/sys/pwhash.php");
 require_once(dirname(__FILE__) . "/sys/textprocessors.php");
 require_once(dirname(__FILE__) . "/sys/plugin_api.php");
 require_once(dirname(__FILE__) . "/languages.php");
@@ -109,9 +109,16 @@ function build_backend_subactions()
 if (!empty($_POST["user"])) {
 try {
 $user = User::by_name($_POST["user"]);
- if (!PasswordHash::validate($_POST["password"], $user->pwhash)) {
+ $password = (string)$_POST["password"];
+ if (!PasswordHash::verify($password, $user->pwhash)) {
 throw new Exception();
 }
+
+ if (PasswordHash::needsRehash($user->pwhash)) {
+ $user->pwhash = PasswordHash::hash($password);
+ $user->save();
+ }
+
 if (!$user->member_of($admin_grp)) {
 throw new Exception();
 }
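Review bot: The `(string)` cast on `$_POST["password"]` in the login branch hides malformed input instead of rejecting it: an array-valued `password` field becomes the literal string `Array` and an absent field becomes `""`, and both are then handed to `PasswordHash::verify()`. A guard such as `if (!is_string($_POST["password"] ?? null)) { throw new Exception(); }` before the verify call would fail those requests the same way as a wrong password. The two later hunks pass `$_POST["initial_password"]` and `$_POST["password"]` to `PasswordHash::hash()` with no cast or type check at all, so the same guard belongs there. Separately, `User::by_name()` appears to throw for an unknown name before `verify()` runs, so the slower password_hash()-based check likely widens the response-time gap between existing and unknown accounts. Running `verify()` against a fixed dummy hash in the not-found path would even that out, though the `catch` and the rest of the `try` body lie outside this hunk.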
@@ -1342,7 +1349,7 @@ function build_backend_subactions()
 User::by_name($_POST["username"]);
 $ste->vars["error"] = $translation["user_already_exists"];
 } catch (DoesNotExistError $e) {
- User::create($_POST["username"], PasswordHash::create($_POST["initial_password"]));
+ User::create($_POST["username"], PasswordHash::hash($_POST["initial_password"]));
 $ste->vars["success"] = $translation["successfully_created_user"];
 }
 }
@@ -1466,7 +1473,7 @@ function build_backend_subactions()
 /* New Password? */
 if (isset($_POST["new_password"])) {
- $pwhash = PasswordHash::create($_POST["password"]);
+ $pwhash = PasswordHash::hash($_POST["password"]);
 $user->pwhash = $pwhash;
 if ($user->get_id() == $data["user"]->get_id()) {
 $_SESSION["ratatoeskr_pwhash"] = $pwhash;
-- 
cgit v1.2.3-70-g09d2