How to use magento 1 customer password in magento 2

 Magento 1 use MD5 hash to encrypt the password and Magento 2 use SHA-256.

In Magento 1, they use Mage_Core_Model_Encryption class with following functions.

Magento 1 generate hash by md5(salt + password) and save in database with 1 colon like $password-hash : $salt.

Magento 2 has changed logic and written in vendor/magento/framework/Encryption/Encryptor.php

Magento 2 generate hash like hash(‘sha256’, $salt . $password); and save with 2 colons in database like

$password-hash : $salt: $version

You have to override Encryptor class via di.xml with some private functions in your module.


/**

 * Class Encryptor provides basic logic for hashing strings and encrypting/decrypting misc data

 */

class Encryptor extends \Magento\Framework\Encryption\Encryptor

{

/**

* @var array map of hash versions

*/

private $hashVersionMap = [

self::HASH_VERSION_MD5 => 'md5',

self::HASH_VERSION_SHA256 => 'sha256'

];

/**

* @var array map of password hash

*/

private $passwordHashMap = [

self::PASSWORD_HASH => '',

self::PASSWORD_SALT => '',

self::PASSWORD_VERSION => self::HASH_VERSION_LATEST

];

/**

* @param string $hash

* @return array

*/

private function explodePasswordHash($hash)

{

$explodedPassword = explode(self::DELIMITER, $hash, 3);

foreach ($this->passwordHashMap as $key => $defaultValue) {

$this->passwordHashMap[$key] = (isset($explodedPassword[$key])) ? $explodedPassword[$key] : $defaultValue;

}

return $this->passwordHashMap;

}

/**

* @return string

*/

private function getPasswordHash()

{

return (string)$this->passwordHashMap[self::PASSWORD_HASH];

}

/**

* @return string

*/

private function getPasswordSalt()

{

return (string)$this->passwordHashMap[self::PASSWORD_SALT];

}

/**

* @return array

*/

private function getPasswordVersion()

{

return array_map('intval', explode(self::DELIMITER, $this->passwordHashMap[self::PASSWORD_VERSION]));

}

    /**

     * @inheritdoc

     */

    public function isValidHash($password, $hash)

    {

        $this->explodePasswordHash($hash);

        

        $hashs = explode(":", $hash);

        if(count($hashs) == 2){

        $password = md5($this->getPasswordSalt() . $password);

        }

        else{

        foreach ($this->getPasswordVersion() as $hashVersion) {

        $password = $this->hash($this->getPasswordSalt() . $password, $hashVersion);

        }

        }

        

        //print $password . " ". $this->getPasswordHash(); die;


        return Security::compareStrings(

            $password,

            $this->getPasswordHash()

        );

    }

}

 

Now Magento 1 user will able to login their old password. New customers password logic will remain same.

How to check if Magento is running in production mode or developer mode

If you want to know. your Magento 2 website is running on which environment you can run below command on terminal and very easily you can kn...

Popular Posts

Posts