Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Vanilla users to Laravel
I'm planning to migrate my vanilla site to a laravel site and while migrating the tables, I saw that the passwords were hashed. How can I use them for my new Laravel site? If I just copy it to the new table, will it work with Laravel's authentication or should I do something else?
0
Comments
Since you are moving to another platform, you should ask that at the laravel forums…
https://laracasts.com/discuss
❌ ✊ ♥. ¸. ••. ¸♥¸. ••. ¸♥ ✊ ❌
The hashing algorithm is different.
A hash is only a value calculated based on some other values. But the result is not unique. More than one "password" could result in the same hash value. So you wouldn't be able to get the password from out of hash. All that is tested when a password is validated, is if this given password results in that hash.
You have two options:
a) send all your users a password reset link, so that they have to create a new password (with Laravel authentication) or
b) create a an intermediate step which uses both frameworks, at least for a given period of time. Whenever a user logs in, test if there is already a password set in the Laravel user table and then everything is fine. If not, validate that password against Vanilla (by using Vanilla) and on success write that password to the Laravel user table so that this user will be validated by Laravel all alone the next time.
vanilla use phppass hash however it uses the blowfish option unlike wordpress. This is a pretty good hash.
You could integrate this hashing method.
wrapper -> /core/class.passwordhash.php (checkVanilla method)
library -> /library/vendors/phpass.php
grep is your friend.
Thank you
Will try implementing it and let everyone know here
thank you for sharing. this will help me