Commit Graph

7 Commits

Author SHA1 Message Date
Alexei Sorokin
2861ae2823 [AuthCrypt] Password storage and comparison improvements
Password hashes are now stored in a TEXT attribute, not limited to 199 symbols.
That limitation makes no sense as password hashes are not the kind of
information to be indexed.

Actually replace crypt() with password_verify() for password checking, current
code left password_verify() unused.

Only update passwords when they use a different algorithm from the current
default. Previously "overwrite" meant rehashing every login.

Replace the "argon" boolean option with "algorithm" and "algorithm_options" for
better configurability.
The default remains whichever is default for PHP's password_hash.
2020-07-25 20:16:21 +03:00
Diogo Cordeiro
0b947ce2c7 [AuthCrypt] Update README and fix formatting 2020-07-25 17:42:46 +01:00
Hugo Sales
6c844315aa [CORE] Fix 'Array and string offset access syntax with curly braces is deprecated' in AuthCryptModule and DirectionDetectorPlugin 2020-05-04 10:47:23 +00:00
Diogo Cordeiro
b730582336 [CORE] Add GNUSOCIAL_ENGINE_REPO_URL and increase usage of GNUSOCIAL_ENGINE_URL 2019-11-21 00:21:22 +00:00
tenma
01f6d83b86 [MODULES] Fix VERSION constant to MODULE_VERSION in various modules 2019-10-30 23:52:14 +00:00
Diogo Cordeiro
0c2c3ec862 [CORE] Plugin API now extends a new Module API 2019-08-24 01:59:33 +01:00
Diogo Cordeiro
8c0601816f [CORE] Move core plugins to a new modules directory
For reference (raised by rozzin in IRC):

* http://foldoc.org/module
* http://foldoc.org/library
* http://foldoc.org/plugin

As noted by XRevan86, modules are not necessarily non-essential.
As we will keep the modules directory in GS root [therefore, near to
plugins/], it is evidenced the difference between both.

This is a simple yet fundamental structural change. It doesn't change
functionality but makes clearer the way we understand GNU social's
internals.
2019-08-22 03:13:58 +01:00