Jump to content

[SOLVED] Passwords do not work after migrating customers to another shop


tumil

Recommended Posts

Hi,

I need to migrate my customers' data to another shop.

I used Store Manager to export csv with all information including hashed passwords.

Then I changed the COOKIE_KEY value in the new shop. I copied the one from the old shop. I tried changing RIJNDAEL_KEY as well but nothing helps. Passwords still do not work. I checked the database and the hashed passwords are equal on both shops. What can I do to make the passwords work? I REALLY don't want to make hundreds of my customers reset their paswords

 

I'll appreciate any help

Edited by tumil (see edit history)
Link to comment
Share on other sites

You migrated from Prestshop to Prestashop, same version ? If yes, you can only migrate by using an empty database and import products direct from database and not via csv import. In this cae import should be done via phpMyAdmin. It is not posible to migrate hashes when you use a new database created by Prestashop install, onyl when ou create it wit. By installing prestashop it creates a new database with new hashes.

 

What you should do: create a new database with phpMyAdmin and transfer all data with phpMyAdmin and database dump and use old cookie_session and Rijndael hash. Than it will work. BUT the version of Prestashop should be the same, if it is not the same than no way ! In this case the only way is by creating new passwords on new hash.

 

The only way to migrate passwords is, when they are not encrypted, so plain text. When they are imported, than they are encrypted with the new hash and will work too. Yo if you don't want our customers have work, than you should decrypt the passwords into plain text with tools.

Link to comment
Share on other sites

Unfortunately these tools do not work. I guess passwords cannot be decrypted without this cookie_key and it is not considered during decryption with tools you mentioned. Anyway, these tools cannot handle this situation.

So... there's nothing I can do?

Link to comment
Share on other sites

Hi,

I need to migrate my customers' data to another shop.

I used Store Manager to export csv with all information including hashed passwords.

Then I changed the COOKIE_KEY value in the new shop. I copied the one from the old shop. I tried changing RIJNDAEL_KEY as well but nothing helps. Passwords still do not work. I checked the database and the hashed passwords are equal on both shops. What can I do to make the passwords work? I REALLY don't want to make hundreds of my customers reset their paswords

 

I'll appreciate any help

 

I've just checked authentication process on both 1.6.0.14 and 1.6.1.7 and it's the same - password is stored to db as md5 hash salted by _COOKIE_KEY_. Nothing else.

 

So the process you described in your original post must work, unless:

 

1) you use some custom code to handle authentication (some module or override that adds additional security or whatnot)

2) you didn't copy value of _COOKIE_KEY_ correctly (I bet this is the problem)

3) password value in db password weren't coppied correctly (for example, there may be an invisible space at the end)

 

 

You can verify the hashing algo using following query.

 

I have customer with password == 'password', my _COOKIE_KEY_ is s2cV9T6YzSm1hH18Bvqrdiv3UNIGted6Czvn4sqkavtd80D28pM2YIiY

 

SELECT email, passwd, MD5('s2cV9T6YzSm1hH18Bvqrdiv3UNIGted6Czvn4sqkavtd80D28pM2YIiYpassword');

 

+--------+----------------------------------+-------------------------------------------------------------------------+
| email  | passwd                           | md5('s2cV9T6YzSm1hH18Bvqrdiv3UNIGted6Czvn4sqkavtd80D28pM2YIiYpassword') |
+--------+----------------------------------+-------------------------------------------------------------------------+
| [email protected] | fd8e8bf54bf006c881d2cb4982cab953 | fd8e8bf54bf006c881d2cb4982cab953                                        |
+--------+----------------------------------+-------------------------------------------------------------------------+
 
As you can see, the generated hash is the same --> hash depends only on _COOKIE_KEY value concatenaded with plain text password.
  • Like 1
Link to comment
Share on other sites

Hmmm

Maybe I could try with a simple database export/import from phpmyadmin instead of using Store Manager.

The thing is that when I try to import the table exported from the old store, I get the info about 22 or so queries loaded and there is no data imported :/

 

The COOKIE_KEY is the same, but when I checked one of the customers, the password and secure_key were different so I think there is some problem with importing

Edited by tumil (see edit history)
Link to comment
Share on other sites

Hmmm

Maybe I could try with a simple database export/import from phpmyadmin instead of using Store Manager.

The thing is that when I try to import the table exported from the old store, I get the info about 22 or so queries loaded and there is no data imported :/

 

The COOKIE_KEY is the same, but when I checked one of the customers, the password and secure_key were different so I think there is some problem with importing

 

Well, how do you import your data? As csv? If so, than the passwords will be hashed once more - csv import expects plain text password, but you are providing already hashes.

 

To overcome this, just (temporarily) edit file controllers/admin/AdminImportController.php and delete lines 2040 - 2401

 

// delete following
if ($customer->passwd)
  $customer->passwd = Tools::encrypt($customer->passwd);
 

Then reimport your csv file and it should work, hopefully 

Edited by DataKick (see edit history)
  • Like 1
Link to comment
Share on other sites

Thanks for your help. It turned out that all this decrypting stuff wasn't necessary and the problem was that some e-mails were connected to both guests and customers accounts and that's why password didn't work ;)

The solution was to delete some guests from csv file - those guests that had their customers accounts as well

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...