summaryrefslogtreecommitdiff
path: root/lib/VNDB/Util/Auth.pm
diff options
context:
space:
mode:
Diffstat (limited to 'lib/VNDB/Util/Auth.pm')
-rw-r--r--lib/VNDB/Util/Auth.pm23
1 files changed, 2 insertions, 21 deletions
diff --git a/lib/VNDB/Util/Auth.pm b/lib/VNDB/Util/Auth.pm
index a1c6cf08..0c3b5b73 100644
--- a/lib/VNDB/Util/Auth.pm
+++ b/lib/VNDB/Util/Auth.pm
@@ -5,7 +5,7 @@ package VNDB::Util::Auth;
use strict;
use warnings;
use Exporter 'import';
-use Digest::SHA qw|sha1 sha1_hex sha256|;
+use Digest::SHA qw|sha1 sha1_hex|;
use Crypt::URandom 'urandom';
use Crypt::ScryptKDF 'scrypt_raw';
use Encode 'encode_utf8';
@@ -112,16 +112,7 @@ sub _authCheck {
my $d = $self->dbUserGet(username => $user, what => 'extended notifycount')->[0];
return 0 if !$d->{id};
- # Old-style hashes
- if(length $d->{passwd} == 41) {
- return 0 if _authPreparePassSha256($self, $pass, substr $d->{passwd}, 0, 9) ne $d->{passwd};
- $self->{_auth} = $d;
- # Update database with new hash format, now that we have the plain text password
- $self->dbUserEdit($d->{id}, passwd => $self->authPreparePass($pass));
- return 1;
- }
-
- # New scrypt hashes
+ # scrypt format
if(length $d->{passwd} == 46) {
my($N, $r, $p, $salt) = unpack 'NCCa8', $d->{passwd};
return 0 if $self->authPreparePass($pass, $salt, $N, $r, $p) ne $d->{passwd};
@@ -144,16 +135,6 @@ sub authPreparePass {
}
-# Same as authPreparePass, but for the old sha256 hash.
-# Arguments: pass, optionally salt
-# Returns: encrypted password (as a binary string)
-sub _authPreparePassSha256 {
- my($self, $pass, $salt) = @_;
- $salt ||= encode_utf8(randomascii(9));
- return $salt.sha256($self->{global_salt} . encode_utf8($pass) . $salt);
-}
-
-
# Generates a random token that can be used to reset the password.
# Returns: token (hex string), token-encrypted (binary string)
sub authPrepareReset {