Codeigniter tank auth check user entered password

Question

I'm using Tank Auth for my website.

I've searched for a function that would check if user has entered a valid password, when he tries to update his profile.

I don't understand how to hash password from user input that would match one in database.

Here's my controllers code:

            $password = $this->input->post('password');
            $hasher = new PasswordHash(
                $this->config->item('phpass_hash_strength', 'tank_auth'),
                $this->config->item('phpass_hash_portable', 'tank_auth')
            );
            $hashed_password = $hasher->HashPassword($password);

$hashed_password gives me different hash each time

I dont think that i should enable phpass_hash_portable

Any advices?

score 2 · Answer 1 · answered Sep 27 '12 at 08:57

2

You need to use the CheckPassword module of the Tank Auth instead of hashing it by using the PasswordHash of the phpass.

answered Sep 27 '12 at 08:57

Ankur Agarwal

31
2

score 0 · Answer 2 · edited Sep 28 '12 at 12:00

0

You can check your password by using this function:

$hasher->CheckPassword(password which has to be checked,password from database).

instead of encrypting yourself.

Note: password which has to be checked => is raw data password from database => password from database.

edited Sep 28 '12 at 12:00

ronalchn

12,225
10
51
61

answered Sep 27 '12 at 09:08

Ankur Agarwal

31
2

Codeigniter tank auth check user entered password

2 Answers2