bunower
Reputation: 36
PHP Auto Login to Webmail (Rainloop) with stored Password
I am programming a platform, where the user has a profile and separately gets an E-Mail address.
In this platform they can store some settings and their E-Mail Password.
Now they can click on "login webmail",
Rainloop opens in new popup, and they are already logged in.
So I now I have to solve security issues:
I don't want to save the password as plain text in my portal database. Rainloop provides following example for autologin.
<?php
$_ENV['RAINLOOP_INCLUDE_AS_API'] = true;
include '/var/www/rainloop/index.php';
$ssoHash = \RainLoop\Api::GetUserSsoHash('user@yourdomain.com', 'plain-password');
\header('Location: http://yourdomain.com/rainloop/?sso&hash='.$ssoHash);
What would be a secure way to encrypt the plain password before saving it to database, and decrypt it in the script which generates the ssoHash
Upvotes: 1
Views: 1406
Answers (0)
Related Questions
- Roundcube login via PHP script
- Automated login to Stackoverflow
- Autologin from a website to another
- Auto Login from email link and PHP?
- Login: email-password match w/ PHP and MySQL
- Custom email based login to website implementation
- Auto login system?
- Login via curl to webmail
- Single Sign On For Web-pages
- php user autologin