Encryption of passwords #11

Open
kubajal opened this issue Sep 27, 2019 · 6 comments
Comments

@kubajal

kubajal commented Sep 27, 2019

Hello,
to begin with, Submission Accounts is a very useful module that I want to use in order to register editable submissions in my NGO organization. The problem I am facing is that according to https://docs.formtools.org/userdoc/field_types/ft_passwords/ fields of type "Password" are stored as plain text. It is possible to see their unencrypted value in the database, which imho discourages the usage of Submission Accounts.
Is there any extension to Form Tools that encrypts password fields?
If not, what would such an extension look like? Any tips would be welcome because I have only very basic knowledge of PHP. I assume that the preferred way to implement such a functionality is to use Submission Pre-Parser. There we can extract the password field from the POST request, use some kind of hashing to encrypt it and then save the result to the database, am I right?
Thanks in advance.

@kubajal

kubajal commented Sep 27, 2019

OK, after some more investigation I think that implementation would not be that hard. There are 2 things to do in order to encrypt passwords:

  1. encrypt all "password" fields, probably using Submissions Pre-Parser (is there a better way? I imagine there must be a more low-level way to do so for example hardcoding encryption in the module that implements all default field types, but I do not know which one that is),
  2. in the Users class of Submission accounts change:
  • login function so that it validates passwords using the same encryption method as in 1.,
  • sendPassword to generate a random password and send it to the user instead of sending the password from the database as plain text.

There are some more questions I have in mind:

  1. Would low-level encryption of all "password" fields have any impact on other modules than Submission Accounts?
  2. What encryption method would you recommend? Would password_hash() with PASSWORD_BCRYPT be sufficient?

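The two-step approach sketched in the comment above, worked through as an added PHP example (not code from the Form Tools project or from the pull requests in this thread; the function names are hypothetical): hashing the field value with password_hash() and PASSWORD_BCRYPT, validating it at login, and generating a random temporary password for sendPassword, since the original can no longer be recovered from a hash.

```php
<?php
// Added example, not code from the Form Tools project or this thread's pull requests.
// Function names are hypothetical; they mirror the steps listed in the comment above.
declare(strict_types=1);

const BCRYPT_OPTIONS = ['cost' => 12];

// Step 1: replace the plaintext "password" field value with a one-way bcrypt hash
// before it reaches the database. password_hash() picks a random salt itself.
function hashPasswordField(string $plaintext): string
{
    // bcrypt silently truncates input after 72 bytes; refuse longer values rather
    // than storing a hash of a truncated password.
    if (strlen($plaintext) > 72) {
        throw new InvalidArgumentException('password longer than 72 bytes');
    }
    return password_hash($plaintext, PASSWORD_BCRYPT, BCRYPT_OPTIONS);
}

// Step 2a: the login check. Returns the hash that should be stored afterwards
// (unchanged, or re-hashed if the stored one uses an older cost), or null on mismatch.
function verifyLogin(string $submitted, string $storedHash): ?string
{
    if (!password_verify($submitted, $storedHash)) {
        return null;                                  // constant-time comparison inside
    }
    if (password_needs_rehash($storedHash, PASSWORD_BCRYPT, BCRYPT_OPTIONS)) {
        return hashPasswordField($submitted);         // transparently upgrade on login
    }
    return $storedHash;
}

// Step 2b: with only a hash stored, sendPassword cannot mail the original password.
// Generate a random temporary one, store its hash, mail the plaintext once.
function generateTemporaryPassword(int $length = 16): string
{
    $alphabet = 'abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789';
    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    return $out;
}

// Walk-through with a constructed value:
$stored = hashPasswordField('correct horse');          // what goes into the DB
assert(verifyLogin('correct horse', $stored) !== null);
assert(verifyLogin('wrong', $stored) === null);
$temp = generateTemporaryPassword();                    // mailed to the user once
$stored = hashPasswordField($temp);                     // replaces the old hash
```

Because the stored value is a hash, any other module that reads the "password" column expecting plaintext will break, which is the impact question raised in point 1 above.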
@kubajal

kubajal commented Sep 30, 2019

After more investigation I created 3 pull requests:

  1. module-submission_accounts: Formtools/module submission accounts#11 submission_accounts #12
  2. core: formtools/module-submission_accounts#11 enabling encryption of passwords core#617
  3. module-form_builder: [WIP] formtools/module-submission_accounts#11 form_builder module-form_builder#37

In general, I found a low-level way to encrypt password fields using the php_processing hook in Core\Password.class.

@benkeen, it would be awesome if you could review the changes. Thanks!

kubajal added a commit to kubajal/formtools-module-submission_accounts that referenced this issue Oct 2, 2019
kubajal added a commit to kubajal/formtools-core that referenced this issue Oct 2, 2019
kubajal added a commit to kubajal/formtools-core that referenced this issue Oct 2, 2019
kubajal added a commit to kubajal/formtools-core that referenced this issue Oct 2, 2019
kubajal added a commit to kubajal/formtools-core that referenced this issue Oct 2, 2019
@mmelon

mmelon commented Dec 7, 2020

I would love to see password encryption added to the module. Also a fix for multiple submissions with the same username and password.

#13

I think it should detect the same username and password and update the record rather than creating a new one that can no longer be viewed or edited.

@kubajal could you fork the module and develop it a bit more?

@philipschilling

I just ran into the same issues:

  • Passwords are not encrypted
  • Same usernames can be registered multiple times

@kubajal

kubajal commented Mar 2, 2021

I'm sorry for the late response, I haven't visited this thread for a very long time. At the moment I do not have time to take a look into this issue again.

@philipschilling

Thank you and no problem. It was just feedback.
