From bcce2625a8cb0b630d945c6849014049869e10ce Mon Sep 17 00:00:00 2001
From: Igor Scheller <igor.scheller@igorshp.de>
Date: Tue, 27 Nov 2018 12:01:36 +0100
Subject: Implemented AuthController for login

* Moved /login functionality to AuthController
* Refactored password handling logic to use the Authenticator
---
 config/config.default.php | 9 +++------
 config/routes.php         | 2 ++
 2 files changed, 5 insertions(+), 6 deletions(-)

(limited to 'config')

diff --git a/config/config.default.php b/config/config.default.php
index 693b0d19..9c9505c6 100644
--- a/config/config.default.php
+++ b/config/config.default.php
@@ -95,13 +95,10 @@ return [
     // Number of hours that an angel has to sign out own shifts
     'last_unsubscribe'        => 3,
 
-    // Define the algorithm to use for `crypt()` of passwords
+    // Define the algorithm to use for `password_verify()`
     // If the user uses an old algorithm the password will be converted to the new format
-    //  MD5         '$1'
-    //  Blowfish    '$2y$13'
-    //  SHA-256     '$5$rounds=5000'
-    //  SHA-512     '$6$rounds=5000'
-    'crypt_alg'               => '$6$rounds=5000',
+    // See https://secure.php.net/manual/en/password.constants.php for a complete list
+    'password_algorithm'      => PASSWORD_DEFAULT,
 
     // The minimum length for passwords
     'min_password_length'     => 8,
diff --git a/config/routes.php b/config/routes.php
index e999d026..02fd3abd 100644
--- a/config/routes.php
+++ b/config/routes.php
@@ -9,6 +9,8 @@ $route->get('/', 'HomeController@index');
 $route->get('/credits', 'CreditsController@index');
 
 // Authentication
+$route->get('/login', 'AuthController@login');
+$route->post('/login', 'AuthController@postLogin');
 $route->get('/logout', 'AuthController@logout');
 
 // Stats
-- 
cgit v1.2.3-54-g00ecf