gitkwesi/click-erp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
72180de8e4feaf3ed58003a5a1ef6a44a1d080c5
click-erp/user_password_migration.md
Kwesi Banson Jnr 72180de8e4 added logic for updating user profile plus other bug fixes
2026-03-16 16:41:32 +00:00

9 lines
563 B
Markdown
Raw Blame History

Steps for Lazy Migration:
Add a Column: Add a hash_version or new_password column to your database to differentiate between legacy (MD5) and new hashes.
Update Login Logic:
User enters plaintext_password.
Check if password_hash is MD5.
If yes, check if (md5(plaintext_password) == stored_md5_hash).
If matches, compute new_hash = password_hash(plaintext_password, PASSWORD_DEFAULT).
Update database with new_hash and set hash_version to "new".
Handle Remaining Users: After a set period, force a password reset for any remaining accounts still using the MD5 hash.
Reference in New Issue View Git Blame Copy Permalink