Created
September 21, 2011 22:45
-
-
Save raws/1233539 to your computer and use it in GitHub Desktop.
Authenticate against ExpressionEngine >= 2.2.2 member data in Ruby
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env RBENV_VERSION=1.9.3-preview1 ruby | |
| require "digest" | |
| require "sequel" | |
| module ExpressionEngine | |
| module Authentication | |
| ALGORITHMS = { | |
| 32 => Digest::MD5, | |
| 40 => Digest::SHA1, | |
| 64 => Digest::SHA256, | |
| 128 => Digest::SHA512 | |
| } | |
| def self.algorithm_for(string) | |
| ALGORITHMS[string.bytesize] | |
| end | |
| end | |
| def self.authenticate(username, password) | |
| database = Sequel.connect("mysql://...") | |
| member = database[:exp_members].first(:username => username) | |
| return false unless member | |
| algorithm = Authentication.algorithm_for(member[:password]) | |
| raise "Invalid password hash length (#{member[:password]} bytes)" unless algorithm | |
| algorithm.hexdigest(member[:salt] + password) == member[:password] | |
| end | |
| end | |
| print "Username: " | |
| username = gets.chomp | |
| print "Password: " | |
| password = gets.chomp | |
| if ExpressionEngine.authenticate(username, password) | |
| puts "You're authenticated!" | |
| else | |
| puts "Authentication failed." | |
| end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment