From 5f4d44f67727bab19c196fd271f2272d04339bf3 Mon Sep 17 00:00:00 2001
From: moparisthebest <admin@moparisthebest.com>
Date: Sun, 7 Aug 2016 22:57:50 -0400
Subject: [PATCH] Add check_smf_scrypt for scrypt(sha1(user+pass))

---
 plugin.rb | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/plugin.rb b/plugin.rb
index b5b487a..3709292 100644
--- a/plugin.rb
+++ b/plugin.rb
@@ -1,6 +1,6 @@
 # name: discourse-migratepassword
 # about: enable alternative password hashes
-# version: 0.6a
+# version: 0.7
 # authors: Jens Maier and Michael@discoursehosting.com
  
 # uses phpass-ruby https://github.com/uu59/phpass-ruby
@@ -16,6 +16,7 @@
 # for WBBlite                  #{salt}:#{hash}          sha1(salt+sha1(salt+sha1(pass)))
 
 gem 'bcrypt', '3.1.3'
+gem 'scrypt', '3.0.1'
 
 require 'digest'
 
@@ -105,7 +106,7 @@ after_initialize do
         end
  
         def self.check_all(password, crypted_pass)
-            AlternativePassword::check_smf_bcrypt(password, crypted_pass)
+            AlternativePassword::check_smf_scrypt(password, crypted_pass)
         end
 
         def self.check_bcrypt(password, crypted_pass)
@@ -153,6 +154,17 @@ after_initialize do
             end
         end
 
+        def self.check_smf_scrypt(password, crypted_pass)
+            user, hash = crypted_pass.split(':', 2)
+            sha1 = Digest::SHA1.new
+            sha1.update user + password
+            begin
+              SCrypt::Password.new(hash) == sha1.hexdigest
+            rescue
+              false
+            end
+        end
+
         def self.check_ipb(password, crypted_pass)
             salt, hash = crypted_pass.split(':', 2)
             !salt.nil? && hash == Digest::MD5.hexdigest(Digest::MD5.hexdigest(salt) + Digest::MD5.hexdigest(password))