search

benedmunds / CodeIgniter-Ion-Auth

Simple and Lightweight Auth System for CodeIgniter
http://benedmunds.com/ion_auth/
MIT License
2.35k stars 1.14k forks source link

Migration from IonAuth2 - SHA1->BCrypt - automatic? #1488

Closed pauloneill closed 3 years ago

pauloneill commented 3 years ago

Hi Ben

I am migrating from IonAuth for CI2 straight to CI4.

In your Migrating from SHA1 notes at the bottom of https://github.com/benedmunds/CodeIgniter-Ion-Auth/blob/4/UPGRADING.md, it says:

However, fear not! The transition should actually be pretty smooth for you and your users. After upgrading to Ion Auth 3, any user logging in your application will be migrated to the new hashing method. This is completely transparent.

Does this apply when migrating from 2 to 4 as well, or is there another step I need to take?

TIA Paul

benedmunds commented 3 years ago

Hey Paul,

We don't have sha1 support in v4. You'd need to add methods of detecting and rehashing sha1 passwords to the v4 branch. Here are the relevant methods to review from v3:

https://github.com/benedmunds/CodeIgniter-Ion-Auth/blob/3/models/Ion_auth_model.php#L2744 https://github.com/benedmunds/CodeIgniter-Ion-Auth/blob/3/models/Ion_auth_model.php#L321

pauloneill commented 3 years ago

Awesome - thanks Ben