Using EE as a headless CMS - Handling authentication
Development and Programming
Hi all,
We are rebuilding an existing project built in EE 2.10 to use Node.js / Express.js as the front end and keeping EE as the backend. We have upgraded EE to v 6.x but most of our users were registered on the EE 2 site.
So EE will only be used for admins to log in and manage content / users but all website users will be served up content using Node / Express.
The issue we have right now is around registering new users via Node. The registration library in EE looks like it is using various encryption methods:
private $hash_algos = array(
128 => 'sha512',
64 => 'sha256',
40 => 'sha1',
32 => 'md5'
);
It’s not clear to me which we should be using to hash the user’s password and also not clear how the salting works.
Does anyone have insight into what EE is doing exactly when it registers a new user?
Thanks.