You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An error occurred The password parameter is expected to be a MD5 hash of the password.
The password being submitted was retrieved via the UsersManager API (i.e., http://demo.piwik.org/?module=API&method=UsersManager.getUsers&userLogins=&format=xml&token_auth=anonymous) and I verified the password retrieved matches what's in the password column of the piwik_user table. I noticed the old passwords from the previous version still login properly via logme so I'm guessing it has something to do with #5278 (Passwords: use better algorithm than md5 hash, use salts and maintain BC ) and/or #10740 (Updates password/token_auth hashing).
The text was updated successfully, but these errors were encountered:
@c-prompt we updated the FAQ and added Since version 3.0 Piwik does not store the password as md5 any longer. As a result there is no way to access the md5 hashed password using the API. To generate the md5 password, you need the user's raw password and then call the md5() hash function on this raw password using your favorite programming language.
So hopefully this is clear and there is no more issue. if we missed something let us know
mattab
changed the title
Potential 3.0.0 password API logme bug
Clarify FAQ instructions for logme mechanism (automatically logging in users when they click from my app to Piwik)
Dec 26, 2016
Testing out latest version and noticed automatic logins no longer work. When using logme (i.e., https://stats.example.org/index.php?module=Login&action=logme&login=your_login&password=your_MD5_password), I'm seeing the following error:
The password being submitted was retrieved via the UsersManager API (i.e., http://demo.piwik.org/?module=API&method=UsersManager.getUsers&userLogins=&format=xml&token_auth=anonymous) and I verified the password retrieved matches what's in the password column of the piwik_user table. I noticed the old passwords from the previous version still login properly via logme so I'm guessing it has something to do with #5278 (Passwords: use better algorithm than md5 hash, use salts and maintain BC ) and/or #10740 (Updates password/token_auth hashing).
The text was updated successfully, but these errors were encountered: