KaiRo.at git - public - authserver.git/commit - app/authsystem.inc.php

projects / authserver.git / commit

summary | shortlog | log | commit | commitdiff | tree
(parent: ac44275) | patch

author	Robert Kaiser <kairo@kairo.at>
	Wed, 26 Oct 2016 23:49:06 +0000 (01:49 +0200)
committer	Robert Kaiser <kairo@kairo.at>
	Wed, 26 Oct 2016 23:49:06 +0000 (01:49 +0200)
commit	087085d618e57aea5f292a5bb57d46304574cc6a
tree	ddad375a9081377e4765f566decbb23b63731f85	tree \| snapshot
parent	ac442755b476ec15b269be0d6a6c68e5080a6b21	commit \| diff

actually use the on-disk site-specific nonce to 'pepper' passwords before hashing so that stealing the database won't even reveal weak passwords

authsystem.inc.php		diff \| blob \| blame \| history
authutils.php-class		diff \| blob \| blame \| history

OAuth2-capable authorization/login server