Menu
I need to integrate a Django system with a Wordpress site, as in wordpress users should be able to log in the DJnago part and vice versa,
For this I need to understand how the password hashing works in Wordpress. I can see the wp_users table which stores the username and password hashes.
Looking through the wordpress code, I can see the password is set via wp_set_password, which is using hash_password to hash the password.
Now I dont know enough PHP to understand how it is working. I need to replicate the same in python so I can validate the password from Django part.
482
There is a comment in the implementation saying:
28 /**
29 * Portable PHP password hashing framework.
30 *
31 * @package phpass
32 * @version 0.1 / genuine
33 * @link http://www.openwall.com/phpass/
34 * @since 2.5
35 */
The hashing framework used is phpass, and its page links to a Python implementation. Here's the link (.tar.gz). That page has some other useful links (such as a Perl implementation).
154
Just to add on, the following is a comment snippet from Wordpress 3.1's "\wp-includes\pluggable.php":
/**
* For integration with other applications, this function can be overwritten to
* instead use the other package password checking algorithm.
*/
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
