Always use bcrypt to hash the WebAuthn MFA API's api secret

Our MFA APIs use bcrypt for that, and at some point the `PASSWORD_DEFAULT` may change for PHP. This commit's code change protects this code from breaking when the default PHP password hashing algorithm does change.
silinternational · May 30, 2024 · 76e3415 · 76e3415
1 parent 2ed1752
commit 76e3415
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/application/features/bootstrap/AuthenticationContext.php b/application/features/bootstrap/AuthenticationContext.php
@@ -81,7 +81,7 @@ public function weHaveTheWrongPasswordForTheWebauthnMfaApi()
 
     protected function setWebAuthnApiSecretTo(string $newPlainTextApiSecret)
     {
-        $newHashedApiSecret = password_hash($newPlainTextApiSecret, PASSWORD_DEFAULT);
+        $newHashedApiSecret = password_hash($newPlainTextApiSecret, PASSWORD_BCRYPT);
         $dynamoDbClient = new DynamoDbClient([
             'region'   => getenv('AWS_DEFAULT_REGION'),
             'endpoint' => getenv('AWS_ENDPOINT'),