Commit Graph

7 Commits

Author SHA1 Message Date
Alexei Sorokin
7d7dbe627b [AuthCrypt] Password storage and comparison improvements
Password hashes are now stored in a TEXT attribute, not limited to 199 symbols.
That limitation makes no sense as password hashes are not the kind of
information to be indexed.

Actually replace crypt() with password_verify() for password checking, current
code left password_verify() unused.

Only update passwords when they use a different algorithm from the current
default. Previously "overwrite" meant rehashing every login.

Replace the "argon" boolean option with "algorithm" and "algorithm_options" for
better configurability.
The default remains whichever is default for PHP's password_hash.
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
c85feeaa1f [AuthCrypt] Update README and fix formatting 2021-07-16 19:44:37 +01:00
Hugo Sales
3f8f77dff1 [CORE] Fix 'Array and string offset access syntax with curly braces is deprecated' in AuthCryptModule and DirectionDetectorPlugin 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
165edc2609 [CORE] Add GNUSOCIAL_ENGINE_REPO_URL and increase usage of GNUSOCIAL_ENGINE_URL 2021-07-16 19:44:36 +01:00
tenma
06d7e5bf06 [MODULES] Fix VERSION constant to MODULE_VERSION in various modules 2021-07-16 19:44:35 +01:00
Diogo Cordeiro
20a6f1d4f4 [CORE] Plugin API now extends a new Module API 2021-07-16 19:44:33 +01:00
Diogo Cordeiro
c18f26145c [CORE] Move core plugins to a new modules directory
For reference (raised by rozzin in IRC):

* http://foldoc.org/module
* http://foldoc.org/library
* http://foldoc.org/plugin

As noted by XRevan86, modules are not necessarily non-essential.
As we will keep the modules directory in GS root [therefore, near to
plugins/], it is evidenced the difference between both.

This is a simple yet fundamental structural change. It doesn't change
functionality but makes clearer the way we understand GNU social's
internals.
2021-07-16 19:44:33 +01:00