public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 10:25:56 +00:00
Code Issues Releases Wiki Activity

implement app password checking / management UI

Browse Source
This commit is contained in:
Andrew Dolgov
2019-11-01 15:03:57 +03:00
parent b158103f2f
commit 249130e58d
3 changed files with 163 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
plugins/auth_internal/init.php
View File

@@ -258,6 +258,28 @@
}
private function check_app_password($login, $password, $service) {
$sth = $this->pdo->prepare("SELECT p.id, p.pwd_hash, u.id AS uid
FROM ttrss_app_passwords p, ttrss_users u
WHERE p.owner_uid = u.id AND u.login = ? AND service = ?");
$sth->execute([$login, $service]);
while ($row = $sth->fetch()) {
list ($algo, $hash, $salt) = explode(":", $row["pwd_hash"]);
if ($algo == "SSHA-512") {
$test_hash = hash('sha512', $salt . $password);
if ($test_hash == $hash) {
$usth = $this->pdo->prepare("UPDATE ttrss_app_passwords SET last_used = NOW() WHERE id = ?");
$usth->execute([$row['id']]);
return $row['uid'];
}
} else {
user_error("Got unknown algo of app password for user $login: $algo");
}
}
return false;
}