Prestashop noob here. I am creating an ionic app with prestashop 1.7.
TL;DR:
I can't use the same encryption as Prestashop 1.7 to compare app user password with the encrypted one from the DB
Details:
So prestashop does not provide a proper way to log in(Login word is not even mentioned in documentation). I am thinking of getting the customer with the entered email(api/customers/?filter[email]=INPUT_EMAIL), then encrypting the INPUT_PASSWORD encrypted with the "passwd" attribute from the api. The problem is I am not able to apply the same encryption as done by Prestashop(they will never match even if the password is correct)
PS:
I tried md5(COOKIE_KEY+INPUT_PASSWORD) but still not the right thing
A bit late, but I am sure other people will face this. What I did was same procedure mentioned in the question: get the customer info and match passwords. Prestashop 1.6 apparently used md5 but PS 1.7 uses bcrypt, so you have to:
Get the bcryptjs package(I am using angular, there is bcrypt package for nodejs).
Change replace $2y$ by $2a$ (the first one used by PHP's bcrypt the second by Javascript's).
Compare the hash against the typed password bcrypt.compare(INPUT_PASSWORD, pwd)
From there if they match then you adapt your app to behave as wanted.