We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

phalcon-rest-boilerplate: Blowfish vs MD5

Hello,

I am trying to use Phalcon REST Boilerplate project with 3rd-party user database with MD5 password hashes. Now it returns 'Authentication: Login Failed' while authentication. What should I change in scripts to make Boilerplate recognize MD5 hashes?

Why you even want to use md5 ? It's old and not secure anymore, at least not for password hashes.

Why you even want to use md5 ? It's old and not secure anymore, at least not for password hashes.

Yes, I know this. But I need to integrate a RESTful server into ancient Web-site with old authentification procedure with MD5 hashes stored in a MySQL database.

Require password reset on new login and update past MD5 IMO.

More on topic. Without any code its hard to help you. "Phalcon REST Boilerplate" this coudl be one of 100 poilerplate projects for all we know.



2.0k
Accepted
answer

Sorry, Christian. That time I did not realise the exact place in code. Next time I'll be more specific.

I made integration of Boilerplate project with my database. There were some changes in User model and EmailAccountType class:

$hashMD5 = md5($password);

if (strcmp($user->password, $hashMD5)) {

return null;

}