From bcce2625a8cb0b630d945c6849014049869e10ce Mon Sep 17 00:00:00 2001
From: Igor Scheller <igor.scheller@igorshp.de>
Date: Tue, 27 Nov 2018 12:01:36 +0100
Subject: Implemented AuthController for login

* Moved /login functionality to AuthController
* Refactored password handling logic to use the Authenticator
---
 config/config.default.php | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

(limited to 'config/config.default.php')

diff --git a/config/config.default.php b/config/config.default.php
index 693b0d19..9c9505c6 100644
--- a/config/config.default.php
+++ b/config/config.default.php
@@ -95,13 +95,10 @@ return [
     // Number of hours that an angel has to sign out own shifts
     'last_unsubscribe'        => 3,
 
-    // Define the algorithm to use for `crypt()` of passwords
+    // Define the algorithm to use for `password_verify()`
     // If the user uses an old algorithm the password will be converted to the new format
-    //  MD5         '$1'
-    //  Blowfish    '$2y$13'
-    //  SHA-256     '$5$rounds=5000'
-    //  SHA-512     '$6$rounds=5000'
-    'crypt_alg'               => '$6$rounds=5000',
+    // See https://secure.php.net/manual/en/password.constants.php for a complete list
+    'password_algorithm'      => PASSWORD_DEFAULT,
 
     // The minimum length for passwords
     'min_password_length'     => 8,
-- 
cgit v1.2.3-70-g09d2