Hooking into drupal's password mechanism
https://stackoverflow.com/questions/11180614
-
16-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm converting a site from a forum system (mybb) into a drupal site and obviously the password schemes are completely different.
I'm planning on importing all of the users with their old password hashes prefixed with "mybb_".
I'd like to write a module which detects prefixed passwords if the user logs in authenticates using the old mechanism and then replaces the password with a drupal 7 hashed password.
I'm relatively new to drupal development so I'm not familiar enough with the hooks, etc needed to do this.
Any guidance would be great :)
(Also if there is a better way of dealing with this than I have proposed, please feel free to chime in.)
Solution
Drupal does similar checks in the function user_check_password(). It is called by the validation function user_login_authenticate_validate() so you could override this using hook_form_alter() and point to a custom version of user_check_password() that includes your mybb check.
Another way, instead of overriding, just add a validation handler in the login form before the default ones and detect, authenticate, and rehash the password there.
