Jump to content

Integration with other plataform


igama
 Share

Recommended Posts

I have a project made in Rails, and want to use PrestaShop has the online shop system.

Users register at the project and I wanted to add to the PrestaShop database the needed user data ( username, email, password, etc ) automatically .

What information is needed and which database tables should be affected?
What is the HASH type used in PrestaShop to store the passwords?


Thanks

Share this post


Link to post
Share on other sites

Hello,

I believe the customer passwords to be kept in a table called "ps_customers" in a column called "passwd". It looks to be md5 but it may be salted as when i created user with a password of "password" the hash was

9419d5a9f30dab800790582d2989143f

but when i create the password of "password" using MD5 generation the password hash is returned as

5f4dcc3b5aa765d61d8327deb882cf99

Hopfully someone with more knowledge can jump in here and confirm

ta

Share this post


Link to post
Share on other sites

Prestashop prepends the website's cookie key to the password before hashing it:

$customer->passwd = md5(_COOKIE_KEY_.$customer->passwd);



This means that the hash for the same password is different for each site.

Share this post


Link to post
Share on other sites

Hmm i don't know what the best is but one way might be: Assuming your ruby rail system uses simple md5 to hash the passwords you could alter prestashop not to prepend the prestashop cookie so you get a simple

$customer->passwd = md5($customer->passwd); 





That might be considered "hacking" the core and not ideal.

The other way would be to tweak your rails app to create passwords using the prestashop cookie - don't know what the cookie is at this stage (i am a newbie) but that helpful rocky chap might know.

ta

Share this post


Link to post
Share on other sites

You can read the COOKIE_KEY from config/settings.inc.php if you want to convert passwords into Prestashop passwords. If your own project code will be handling the passwords, as wildchief says, you can modify Prestashop so that the cookie key isn't used in the hash.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More