incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Hewitt <mar...@thenoi.se>
Subject Re: PHP-based SHA1 algorithm?
Date Wed, 23 Mar 2011 12:53:10 GMT
Hi all,

Just wondering if anyone has done this successfully in PHP and could offer advice?

My code is currently:

$user = array();
$user['_id'] = "org.couchdb.user:".$newUser;
$user['type'] = "user";
$user['name'] = $newUser;
$user['roles'] = "numpty";

$salt = "qwertyuiop";
$newPassword = "test";

$user['password_sha'] = sha1($newPassword.$salt);
$user['salt'] = bin2hex($salt);

And I can't login through Futon.

Any help greatly appreciated!

Martin 

On 23 Mar 2011, at 08:40, Stefan Matheis wrote:

> Martin,
> 
> based on http://wiki.apache.org/couchdb/Security_Features_Overview#Generating_password_sha
> what's wrong about php's sha1() function?
> 
> $ php -r "echo sha1('foobar');"
> 8843d7f92416211de9ebb963ff4ce28125932878
> 
> it's the same result as stated there for erlang, ruby & python :)
> 
> Regards
> Stefan
> 
> On Wed, Mar 23, 2011 at 4:33 AM, Martin Hewitt <martin@thenoi.se> wrote:
>> Hi all,
>> 
>> I'm writing a build process in Phing, part of which involves creating a new CouchDB
user. I'm having trouble logging in as the created user and have an inkling that it's down
to the SHA1 encryption of the password and salt, as the Security wiki page is quite specific
about what SHA1s work and which ones don't.
>> 
>> My question is - does anyone know if there's a way to generate a CouchDB-friendly
SHA1 hash in PHP?
>> 
>> Thanks,
>> 
>> Martin


Mime
View raw message