I have a website with woo commerce installed in it. I am currently using it as an online store. However I want to make an app version of the website so that people can sign up, sign in and purchase stuff on the app as well as the website.
So I figured I would have to encrypt the users password the same way woo commerce encrypts it so that a password sent from the app would have the same hash as one sent through the woo commerce.
The problem is I don't know how woo commerce encrypts their passwords and I tried searching it up but didn't get anything.
Although I had a hunch that WordPress and Woo commerce encrypted passwords in the same way until I made two accounts with the same passwords, one through WordPress and one through woo commerce and their hashes came out differently on my database.
If someone can help me figure out how to have two identical password hashers preferably without doing away with the woo commerce login system I already have, I would be gratefully.
Alternatively: If someone could show me where the php file that woo commerce uses to encrypt their passwords is that would be awesome too!
Thanks in advance.
It turns out that woo commerce and WordPress do use the same password hasher (In this case phpass).
However the password hasher does not hash the same password in the same way twice. So the only way to check if a password given in plain text is the same as a password that was encrypted is to run a special function.
In this case the special function for phpass is 'checkpassword':
$correct = 'original password here';
$hash = 'some hashed password (eg. $P$BzunkYjtVU1F6Derj3.2sNslS.4jL6/)';
$check = $t_hasher->CheckPassword($correct, $hash);
if ($check){
echo "The passwords are the same";
}else
echo "The passwords are not the same";
In the example it checks the plain text password against a hash to see of they are the same. More information about it can be found in the 'test.php' file present in the folder of a download of phpass.
In my case I just had to download phpass and implement the 'checkpassword' function.