How to verify the password from another source like Unity?

Grant Zukel Posted in Beginning Developers 5 years ago

I looked through the code, and it looks like the password is being salted with a random UUID used for a bcrypt salt and md5 hash.

I'm not terribly good with php.

I want to authenticate against the stored database values with 3rd part software.

One example is:

I have a unity game that I want to link the account login to the site account login. However, I can't figure out how the password verification is done. I've looked at the method and class but I can't follow the encrypt salt logic and how the app would know the salt to match the passwords. If its a random id how then do you desalt the password to authenticate it and match against the user provided password in the login form?

I am going to have to do it in python and in c#.

sudo code or at least point me in the right direction here please.

Replies
gb Rishi B Replied 5 years ago

this should tell you everything you need (the REST API's endpoint for user authentication): https://www.opensource-socialnetwork.org/webservices/view/3570/user-authenticate

gb Rishi B Replied 5 years ago

why don't you use the web services REST API so that you don't have to worry about the inner workings of ossn? this is pretty much the definition of what a REST/web services API is meant for.