I'm developing a web app which uses CakePHP 3. I have the app working, and I need to add ejabberd 15.x chat to my app.

I have configured the jabber to use odbc mysql and the users database table (the same users table that CakePHP uses).

Now, the problem is, my web app can log in/register users just fine, using CakePHP's bcrypt password hasher. However, because passwords are hashed, ejabberd can't log those users in because it uses plain text passwords.

I could disable password hashing in CakePHP and make it work that way, but I would prefer the extra security that hashing provides, and enable the exact same bcrypt hashing on the ejabberd side, so it could log in using hashes that CakePHP generated.

Is there a way to make ejabberd and CakePHP 3 hash passwords exactly the same way?

Rainer Plumer

1 Answer

Creating a class extending AbstractPasswordHasher should do the trick. Follow the pattern(s) used for FallbackPasswordHasher.

http://api.cakephp.org/3.0/class-Cake.Auth.AbstractPasswordHasher.html

Then configure your system to use the new class:

http://book.cakephp.org/3.0/en/controllers/components/authentication.html#changing-hashing-algorithms

(quoted below, as an example)

Changing Hashing Algorithms

CakePHP provides a clean way to migrate your users’ passwords from one algorithm to another, this is achieved through the FallbackPasswordHasher class. Assuming you are migrating your app from CakePHP 2.x which uses sha1 password hashes, you can configure the AuthComponent as follows:

public function initialize()
{
    parent::initialize();
    $this->loadComponent('Auth', [
        'authenticate' => [
            'Form' => [
                'passwordHasher' => [
                    'className' => 'Fallback',
                    'hashers' => [
                        'Default',
                        'Weak' => ['hashType' => 'sha1']
                    ]
                ]
            ]
        ]
    ]);
}

The first name appearing in the hashers key indicates which of the classes is the preferred one, but it will fallback to the others in the list if the check was unsuccessful.

starlocke
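A sketch of the custom hasher the answer above describes, added here as an example; it is not code from the answer, from CakePHP, or from ejabberd. The class name, the PBKDF2-HMAC-SHA256 scheme and the storage format are assumptions chosen for illustration; the page does not say which formats ejabberd can verify, so the scheme has to be replaced with one both sides implement. It assumes PHP 7 or later for `random_bytes()`.

```php
<?php
// src/Auth/Pbkdf2PasswordHasher.php (hypothetical class, not part of CakePHP)
namespace App\Auth;

use Cake\Auth\AbstractPasswordHasher;

class Pbkdf2PasswordHasher extends AbstractPasswordHasher
{
    // Defaults; overridden by the 'passwordHasher' options in the Auth config.
    protected $_defaultConfig = ['iterations' => 100000, 'saltBytes' => 16];

    // Assumed storage format: pbkdf2-sha256$<iterations>$<b64 salt>$<b64 key>
    protected function _encode($password, $salt, $iterations)
    {
        $key = hash_pbkdf2('sha256', $password, $salt, $iterations, 32, true);
        return implode('$', ['pbkdf2-sha256', $iterations, base64_encode($salt), base64_encode($key)]);
    }

    // Returns [iterations, salt], or null for a malformed or out-of-range value.
    protected function _parse($stored)
    {
        $p = explode('$', (string)$stored);
        if (count($p) !== 4 || $p[0] !== 'pbkdf2-sha256' || !ctype_digit($p[1])
            || (int)$p[1] < 1 || (int)$p[1] > 10000000) {
            return null;
        }
        $salt = base64_decode($p[2], true);
        return ($salt === false || $salt === '') ? null : [(int)$p[1], $salt];
    }

    public function hash($password)
    {
        $salt = random_bytes((int)$this->_config['saltBytes']);
        return $this->_encode($password, $salt, (int)$this->_config['iterations']);
    }

    public function check($password, $hashedPassword)
    {
        $parsed = $this->_parse($hashedPassword);
        // Recompute with the stored salt and cost, then compare in constant time.
        return $parsed !== null
            && hash_equals($this->_encode($password, $parsed[1], $parsed[0]), (string)$hashedPassword);
    }

    // $password is the stored hash here; rehash when its cost is below the configured one.
    public function needsRehash($password)
    {
        $parsed = $this->_parse($password);
        return $parsed === null || $parsed[0] < (int)$this->_config['iterations'];
    }
}
```

With the file in place, `'passwordHasher' => ['className' => 'Pbkdf2']` selects it in the Auth configuration, and it can be listed first in a `Fallback` hasher ahead of `'Default'` so existing bcrypt rows keep verifying during migration. The code that hashes the password at registration must use the same class, otherwise new rows are still written as bcrypt.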