NaCl passwords - (db update)

friendica 2012-08-21 17:48:09 -07:00
parent 2f81fb4385
commit 9b9f35f8e5
3 changed files with 40 additions and 11 deletions


@ -9,6 +9,7 @@ SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
CREATE TABLE IF NOT EXISTS `account` ( CREATE TABLE IF NOT EXISTS `account` (
`account_id` int(11) NOT NULL AUTO_INCREMENT, `account_id` int(11) NOT NULL AUTO_INCREMENT,
`account_parent` int(10) unsigned NOT NULL, `account_parent` int(10) unsigned NOT NULL,
`account_salt` char(32) NOT NULL,
`account_password` char(255) NOT NULL, `account_password` char(255) NOT NULL,
`account_email` char(255) NOT NULL, `account_email` char(255) NOT NULL,
`account_language` char(16) NOT NULL DEFAULT 'en', `account_language` char(16) NOT NULL DEFAULT 'en',
@ -21,7 +22,6 @@ CREATE TABLE IF NOT EXISTS `account` (
`account_expire_notified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `account_expire_notified` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`account_service_class` char(32) NOT NULL, `account_service_class` char(32) NOT NULL,
PRIMARY KEY (`account_id`), PRIMARY KEY (`account_id`),
KEY `account_password` (`account_password`),
KEY `account_email` (`account_email`), KEY `account_email` (`account_email`),
KEY `account_service_class` (`account_service_class`), KEY `account_service_class` (`account_service_class`),
KEY `account_parent` (`account_parent`), KEY `account_parent` (`account_parent`),
@ -111,6 +111,8 @@ CREATE TABLE IF NOT EXISTS `contact` (
`id` int(11) NOT NULL AUTO_INCREMENT, `id` int(11) NOT NULL AUTO_INCREMENT,
`uid` int(11) NOT NULL COMMENT 'owner uid', `uid` int(11) NOT NULL COMMENT 'owner uid',
`created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00', `created` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
`my_perms` int(10) unsigned NOT NULL DEFAULT '0',
`their_perms` int(10) unsigned NOT NULL DEFAULT '0',
`self` tinyint(1) NOT NULL DEFAULT '0' COMMENT 'boolean 1 == info for local UID, primarily name and photo to use in item displays.', `self` tinyint(1) NOT NULL DEFAULT '0' COMMENT 'boolean 1 == info for local UID, primarily name and photo to use in item displays.',
`remote_self` tinyint(1) NOT NULL DEFAULT '0', `remote_self` tinyint(1) NOT NULL DEFAULT '0',
`rel` tinyint(1) NOT NULL DEFAULT '0', `rel` tinyint(1) NOT NULL DEFAULT '0',
@ -183,7 +185,9 @@ CREATE TABLE IF NOT EXISTS `contact` (
KEY `hidden` (`hidden`), KEY `hidden` (`hidden`),
KEY `archive` (`archive`), KEY `archive` (`archive`),
KEY `forum` (`forum`), KEY `forum` (`forum`),
KEY `notify` (`notify`) KEY `notify` (`notify`),
KEY `my_perms` (`my_perms`),
KEY `their_perms` (`their_perms`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8; ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `conv` ( CREATE TABLE IF NOT EXISTS `conv` (
@ -510,7 +514,6 @@ CREATE TABLE IF NOT EXISTS `item` (
KEY `contact-id` (`contact-id`), KEY `contact-id` (`contact-id`),
KEY `type` (`type`), KEY `type` (`type`),
KEY `parent` (`parent`), KEY `parent` (`parent`),
KEY `parent_uri` (`parent_uri`),
KEY `created` (`created`), KEY `created` (`created`),
KEY `edited` (`edited`), KEY `edited` (`edited`),
KEY `visible` (`visible`), KEY `visible` (`visible`),
@ -529,6 +532,7 @@ CREATE TABLE IF NOT EXISTS `item` (
KEY `uid_commented` (`uid`,`commented`), KEY `uid_commented` (`uid`,`commented`),
KEY `uid_created` (`uid`,`created`), KEY `uid_created` (`uid`,`created`),
KEY `uid_unseen` (`uid`,`unseen`), KEY `uid_unseen` (`uid`,`unseen`),
KEY `parent_uri` (`parent_uri`),
FULLTEXT KEY `title` (`title`), FULLTEXT KEY `title` (`title`),
FULLTEXT KEY `body` (`body`), FULLTEXT KEY `body` (`body`),
FULLTEXT KEY `allow_cid` (`allow_cid`), FULLTEXT KEY `allow_cid` (`allow_cid`),
@ -579,11 +583,11 @@ CREATE TABLE IF NOT EXISTS `mail` (
KEY `guid` (`guid`), KEY `guid` (`guid`),
KEY `seen` (`seen`), KEY `seen` (`seen`),
KEY `uri` (`uri`), KEY `uri` (`uri`),
KEY `parent_uri` (`parent_uri`),
KEY `created` (`created`), KEY `created` (`created`),
KEY `convid` (`convid`), KEY `convid` (`convid`),
KEY `unknown` (`unknown`), KEY `unknown` (`unknown`),
KEY `contact-id` (`contact-id`) KEY `contact-id` (`contact-id`),
KEY `parent_uri` (`parent_uri`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8; ) ENGINE=MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `mailacct` ( CREATE TABLE IF NOT EXISTS `mailacct` (
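Review bot: The new `account_salt` column in the first `account` hunk is declared `char(32) NOT NULL` with no DEFAULT and no COMMENT, so nothing in the schema says what it holds or what value rows created before this change carry. Because this file only uses `CREATE TABLE IF NOT EXISTS`, an existing install gets the column through an upgrade step that is not visible on this page; presumably older rows end up with an empty salt and keep their unsalted hashes until the password is next set. I would make that explicit in the definition, following the COMMENT style the `contact` table already uses: `` `account_salt` char(32) NOT NULL DEFAULT '' COMMENT 'per-account random salt prepended to the password before hashing; empty for pre-salt accounts', ``. The `CREATE TABLE` statements start and end outside the visible hunks.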


@ -117,14 +117,16 @@ function create_account($arr) {
return $result; return $result;
} }
$password_encoded = hash('whirlpool',$password); $salt = random_string(32);
$password_encoded = hash('whirlpool', $salt . $password);
$r = q("INSERT INTO account $r = q("INSERT INTO account
( account_parent, account_password, account_email, account_language, ( account_parent, account_salt, account_password, account_email, account_language,
account_created, account_flags, account_roles, account_expires, account_created, account_flags, account_roles, account_expires,
account_service_class ) account_service_class )
VALUES ( %d, '%s', '%s', '%s', '%s', %d, %d, '%s', '%s' )", VALUES ( %d, '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s' )",
intval($parent), intval($parent),
dbesc($salt),
dbesc($password_encoded), dbesc($password_encoded),
dbesc($email), dbesc($email),
dbesc(get_best_language()), dbesc(get_best_language()),
@ -159,3 +161,26 @@ function create_account($arr) {
return $result; return $result;
} }
/**
* Verify login credentials
*
* Returns account record on success, null on failure
*
*/
function account_verify_password($email,$pass) {
$r = q("select * from account where email = '%s'",
dbesc($email)
);
if(! ($r && count($r)))
return null;
foreach($r as $record) {
if(hash('whirlpool',$record['account_salt'] . $pass) === $record['account_password']) {
return $record;
}
}
return null;
}
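Review bot: The lookup in `account_verify_password` filters on `email`, but the `account` table in this commit's schema and the INSERT in `create_account` name that column `account_email`, so the query as written cannot match a row and verification would always return null; the line should read `$r = q("select * from account where account_email = '%s'",`. Separately, `hash('whirlpool', $salt . $password)` in `create_account` and in the comparison loop is a single pass of a fast hash, which leaves stored passwords cheap to guess offline if the table leaks, even with a per-account salt. Where the deployed PHP version provides them, `password_hash()` and `password_verify()` give a deliberately slow, self-salting hash and a constant-time comparison in place of `===`. `random_string()` is defined outside this page, so whether the salt comes from a cryptographically secure source cannot be confirmed here. The body of `create_account` starts and continues outside the visible hunks.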


@ -1 +1 @@
2012-08-19.51 2012-08-21.53