Solved thread

This post is marked as solved. If you think the information contained on this thread must be part of the official documentation, please contribute submitting a pull request to its repository.

phalcon-rest-boilerplate: Blowfish vs MD5

Hello,

I am trying to use Phalcon REST Boilerplate project with 3rd-party user database with MD5 password hashes. Now it returns 'Authentication: Login Failed' while authentication. What should I change in scripts to make Boilerplate recognize MD5 hashes?

Why you even want to use md5 ? It's old and not secure anymore, at least not for password hashes.

Why you even want to use md5 ? It's old and not secure anymore, at least not for password hashes.

Yes, I know this. But I need to integrate a RESTful server into ancient Web-site with old authentification procedure with MD5 hashes stored in a MySQL database.

Require password reset on new login and update past MD5 IMO.

More on topic. Without any code its hard to help you. "Phalcon REST Boilerplate" this coudl be one of 100 poilerplate projects for all we know.



977
Accepted
answer

Sorry, Christian. That time I did not realise the exact place in code. Next time I'll be more specific.

I made integration of Boilerplate project with my database. There were some changes in User model and EmailAccountType class:

$hashMD5 = md5($password);

if (strcmp($user->password, $hashMD5)) {

return null;

}