Closed webgeek1234 closed 4 years ago
@webgeek1234 Was this tested and does this work for you??
The SMF 2.1 check doesn’t make sense to me.
Maybe you can explain the thought or concept behind this logic?
@davidebeatrici What was your context for approving this? How deep did you verify? Just a look of unknown code, or knowing or checking methods and how they are used? I presume no test?
How does SMF 2.1 handle existing accounts? When are passwords bcrypt vs sha1 on a 2.1 installation?
I’m not too familiar with the python landscame. Can you point me to/tell me where/if there is a reference documentation for the hashpw function? I would like to know in what cases the exception is thrown.
I am actively using this on a public install. I based it on the mediawiki integration module while also referencing smf directly. It's been a while since I wrote the code, so I don't remember the specifics. SMF switched to bcrypt for 2.1, but we have to account for people that haven't logged into the forum post-upgrade and still have the old hash method.
Okay, I guess I will have to test it on an instance to understand it…
Thank you very much for your contribution!