Project

General

Profile

problem while encoding redmine 1.3.2 password

Added by mete canpınar over 9 years ago

I am developing a program and this program will use the login and password that was created by redmine 1.3.2 and was stored in the database. But a hashed_password and salt is stored instead of actual password. I would like to learn how can I generate the hashed_password in my program


Replies (1)

RE: problem while encoding redmine 1.3.2 password - Added by Jan from Planio www.plan.io over 9 years ago

I would strongly advise against developing a plugin for Redmine 1.3.2 since this is a very old version. You should rather update any Redmine installation at hand to the latest version and then develop based on this one. People here in the forums will be much more likely to provide help regarding current Redmine. It's also strongly advisable from a security point of view.

In Redmine's current stable version, you can set a new password like this:

user = [...] # get a user object somehow
user.password = 'my clear text password' # set your password in the local object variable in user
user.update_hashed_password # generate salt and hash
user.save # if you want to persist the new password in the database

This uses the salt_password method internally. Afterwards, user.salt will give you the randomly generated salt and user.hashed_password will give you the password hash.

    (1-1/1)