66 lines
2.1 KiB
Ruby
66 lines
2.1 KiB
Ruby
# name: discourse-migratepassword
|
|
# about: enable alternative password hashes
|
|
# version: 0.7
|
|
# authors: Jens Maier and Michael@discoursehosting.com
|
|
|
|
# uses phpass-ruby https://github.com/uu59/phpass-ruby
|
|
|
|
# Usage:
|
|
# When migrating, store a custom field with the user containing the crypted password
|
|
|
|
# for vBulletin this should be #{password}:#{salt} md5(md5(pass) + salt)
|
|
# for vBulletin5 #{token} bcrypt(md5(pass))
|
|
# for Phorum #{password} md5(pass)
|
|
# for Wordpress #{password} phpass(8).crypt(pass)
|
|
# for SMF #{username}:#{password} sha1(user+pass)
|
|
# for WBBlite #{salt}:#{hash} sha1(salt+sha1(salt+sha1(pass)))
|
|
|
|
|
|
# for scrypt
|
|
#gem 'rake'
|
|
#gem 'ffi'
|
|
#gem 'ffi-compiler'
|
|
#gem 'scrypt', '3.0.1'
|
|
|
|
require 'digest'
|
|
|
|
after_initialize do
|
|
|
|
module ::AlternativePassword
|
|
def confirm_password?(password)
|
|
return true if super
|
|
return false unless (self.custom_fields.has_key?('sha_pass') || self.custom_fields.has_key?('scrypt_sha_pass'))
|
|
|
|
if AlternativePassword::check_smf(password, self.custom_fields['import_username'], self.custom_fields['sha_pass']) #|| AlternativePassword::check_smf_scrypt(password, self.custom_fields['import_username'], self.custom_fields['scrypt_sha_pass'])
|
|
self.password = password
|
|
self.custom_fields.delete('sha_pass')
|
|
self.custom_fields.delete('scrypt_sha_pass')
|
|
return save
|
|
end
|
|
false
|
|
end
|
|
|
|
def self.check_smf(password, user, hash)
|
|
sha1 = Digest::SHA1.new
|
|
sha1.update user.downcase + password
|
|
hash == sha1.hexdigest
|
|
end
|
|
|
|
#def self.check_smf_scrypt(password, user, hash)
|
|
# sha1 = Digest::SHA1.new
|
|
# sha1.update user.downcase + password
|
|
# begin
|
|
# SCrypt::Password.new(hash) == sha1.hexdigest
|
|
# rescue
|
|
# false
|
|
# end
|
|
#end
|
|
end
|
|
|
|
class ::User
|
|
prepend AlternativePassword
|
|
end
|
|
|
|
end
|
|
|