1. phpLiteAdmin Avatar phpLiteAdmin
  2. phpLiteAdmin
  3. public
  4. Issues

Manage (generate/read) Salt within Authorization class

Issue #173 resolved
Christopher Kramer created an issue

Originally reported on Google Code with ID 173

The salt is currently generated outside the Authorization class. This means we have
a global assumption (that some salt is generated). We should better put salt-management
inside the class to decouple it (the rest of phpLiteAdmin doesn't use the salt).

(This issue has first been mentioned as a comment in issue #170.)

Reported by crazy4chrissi on 2013-02-09 21:28:37

Comments (6)

  1. dreadnaut 
    Agreed. We can also remove the SYSTEMPASSWORDENCRYPTED constant and make it a [static]
property of Authorization.

    Reported by dreadnaut on 2013-02-10 14:12:20 - Status changed: Accepted - Labels added: Maintainability

  3. dreadnaut 
    Here's a patch against r333. It moves the hash generation in Authorization's constructor
and replaces SYSTEMPASSWORDENCRYPTED with ->system_password_encrypted.

    Reported by dreadnaut on 2013-02-10 19:08:14

    <hr> * Attachment: hash-in-auth-r333.diff

  4. Christopher Kramer reporter 
    Thanks. Looks good. Please commit it to svn.

    Reported by crazy4chrissi on 2013-02-15 14:41:25

  5. dreadnaut 
    This issue was closed by revision r338.

    Reported by dreadnaut on 2013-02-15 22:57:27 - Status changed: Fixed

  7. Log in to comment
Assignee
Type
enhancement
Priority
minor
Status
resolved
Component
Milestone
Version
Votes
0
Watchers
0
Jira Software: the preferred issue tracker for Bitbucket. Join the team!