From 31ac9224b3a15d97066a460118192df9077ca4b2 Mon Sep 17 00:00:00 2001
From: Henrik Hautakoski <henrik.hautakoski@gmail.com>
Date: Fri, 10 Aug 2018 20:39:16 +0200
Subject: [PATCH] app/library/Auth.php: in login() use
 Phalcon\Security::checkHash() instead of password_verify()

---
 app/library/Auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/library/Auth.php b/app/library/Auth.php
index 75c622b..4f2f262 100644
--- a/app/library/Auth.php
+++ b/app/library/Auth.php
@@ -28,7 +28,7 @@ class Auth extends Component
         if ($user) {
             // Verify password
             $hash = $user->getPassword();
-            if (strlen($hash) > 1 && password_verify($password, $hash)) {
+            if (strlen($hash) > 1 && $this->security->checkHash($password, $hash)) {
 
                 $this->setIdentity($user->getId());