aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--admin/auth.php3
-rw-r--r--core/namespace/User/Item.php7
2 files changed, 2 insertions, 8 deletions
diff --git a/admin/auth.php b/admin/auth.php
index 8c6d5a6..9674563 100644
--- a/admin/auth.php
+++ b/admin/auth.php
@@ -30,8 +30,9 @@ if(Application::isAuthenticated()) {
if(HTTP::issetPOST(['token' => Application::getSecurityToken()], 'username', 'password')) {
try {
$User = User\Factory::buildByUsername(HTTP::POST('username'));
+ $password = $User->getAttribute()->get('password');
- if($User->comparePassword(HTTP::POST('password'))) {
+ if(password_verify(HTTP::POST('password'), $password)) {
$_SESSION['auth'] = $User->getID();
HTTP::redirect(Application::getAdminURL());
}
diff --git a/core/namespace/User/Item.php b/core/namespace/User/Item.php
index a4ab799..e3ecd2b 100644
--- a/core/namespace/User/Item.php
+++ b/core/namespace/User/Item.php
@@ -25,11 +25,4 @@ class Item extends \Item {
return sha1(implode(NULL, $attributes));
}
-
- #===============================================================================
- # Compare plaintext password with hashed password from database
- #===============================================================================
- public function comparePassword($password): bool {
- return password_verify($password, $this->Attribute->get('password'));
- }
}