Changeset 8a258ab for app

Timestamp:

08/26/24 13:20:24 (3 months ago)

Author:

bube-ristovska <ristovska725@…>

Branches:

main

Children:

5372778

Parents:

092fcda

Message:

hashed passwords

File:

• app/Http/Controllers/SessionsController.php (modified) (3 diffs)

app/Http/Controllers/SessionsController.php

@@ -8 +8 @@
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Session;
+use Illuminate\Support\Facades\Hash;
 
 class SessionsController extends Controller
 {
+    function verifyPassword($inputPassword, $storedHash, $salt)
+    {
+        $hashedInputPassword = crypt($inputPassword . $salt, $storedHash);
+
+        return $hashedInputPassword === $storedHash;
+    }
     public function store()
     {
@@ -29 +36 @@
         if($is_officer!=null) {
             $pass = DB::select('select o_password from officer where o_badge_no = :o_badge_no;', ['o_badge_no' => $badge_no]);
+            $salt = DB::select('select salt from officer where o_badge_no = :o_badge_no;', ['o_badge_no' => $badge_no]);
             $policeman = false;
         } else {
             $pass = DB::select('select p_password from policeman where badge_no = :badge_no;', ['badge_no' => $badge_no]);
+            $salt = DB::select('select salt from policeman where badge_no = :badge_no;', ['badge_no' => $badge_no]);
+
         }
 
@@ -38 +48 @@
             break; // Break after the first key-value pair
         }
-
-        if ($value == $password) {
+        foreach ($salt[0] as $key => $val) {
+            $value2 = $val;
+            break; // Break after the first key-value pair
+        }
+        if ($this->verifyPassword($password, $value, $value2)) {
             // Authentication passed
             Session::put('badge_no', $badge_no);