Codeigniter Ion Auth generating a password

Question

In an app i am making i need to edit and create some passwords with haste and i think i have found a way but i doubt its correctness.

I dug through ion auth and found this function in the ion_auth_model

/**
     * Hashes the password to be stored in the database.
     *
     * @return void
     * @author Mathew
     **/
    public function hash_password($password, $salt=false, $use_sha1_override=FALSE)
    {
        if (empty($password))
        {
            return FALSE;
        }

        //bcrypt
        if ($use_sha1_override === FALSE && $this->hash_method == 'bcrypt')
        {
            return $this->bcrypt->hash($password);
        }


        if ($this->store_salt && $salt)
        {
            return  sha1($password . $salt);
        }
        else
        {
            $salt = $this->salt();
            return  $salt . substr(sha1($salt . $password), 0, -$this->salt_length);
        }
    }

and tested by creating this public function in one of my controllers

public function Qpass_gen(){
    $pass = $this->ion_auth_model->hash_password('password',FALSE,FALSE);
    echo $pass;
    }

and when i replaced the Qpass_gen() string with the one stored defaultly in the database by ion_auth,i managed to log in.

Is my method for quickly generating passwords guaranteed to work always?.

score 3 · Accepted Answer · edited Jul 24 '20 at 10:13

3

Yes, that's a good way to handle it. As the author of the library, that's what I would recommend.

edited Jul 24 '20 at 10:13

Cody Gray - on strike

239,200
50
490
574

answered Jan 18 '15 at 03:44

Ben Edmunds

888
4
6

Codeigniter Ion Auth generating a password

1 Answers1