This forum has moved to a new location and is in read-only mode. Please visit talk.octobercms.com to access the new location.

kumawat.manu14322411
kumawat.manu14322411

I have built a new plugin which saves user to the backend with certain permissions. But when I have to update the created users in the plugin, I have to enter the password each time. So I thought of fetching the password for that particular user from the Db using a query, then unhash the password and save the same:

public function beforeSave(){

$savedpassword = DB::select("Select password from backend_users where first_name = ' ".$this->first_name." ' ");
$user = BackendAuth::register([
'first_name' => $this->firstname,
'last_name' => $this->lastname,
'login' => $this->login,
'email' => $this->email,
'password' => $savedpassword,
'password_confirmation' => $savedpassword, 
]);     

}

But I am not able to unhash the password using :

use Illuminate\Contracts\Encryption\DecryptException;

try { $decrypted = Crypt::decrypt($encryptedValue); } catch (DecryptException $ex) { // }

or even save the $savedpassword in the Db, i get an error

Last updated

Briddle
Briddle

I should hope that passwords in October CMS are stored hashed and not encrypted (hashed passwords are much safer because they cannot be decrypted).

Wikipedia: "A cryptographic hash function is a special class of hash function that has certain properties which make it suitable for use in cryptography. It is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size (a hash) and is designed to be a one-way function, that is, a function which is infeasible to invert." -https://en.wikipedia.org/wiki/Cryptographic_hash_function

Last updated

1-2 of 2

You cannot edit posts or make replies: the forum has moved to talk.octobercms.com.