XF 1.2 Authentication for XF 1.2.0 Beta 3


Active member

Playing around with XF 1.2.0 Beta 3, knowing it's an unsupported version so I went ahead to test it with my board service module and found out it no longer works. Thus, I just wonder if authentication algorithm has changed with the new version. If yes, how the hashing algorithm works now so I can update the game code to support authentication to XF on the new version as I plan to release the new version of board service soon to the community to run Cubeia's poker game.

Any help is appreciated!



Active member
Thanks Mike!

Wow, I see. It is much more complex than before. I believe phpBB3 uses this framework but you guys modify a bit and apply php crypt as well. Looks like I will have fun porting the new authentication code to Java! :)

One more question, where are those below variables get configured? Are they hardcoded ones?



XenForo developer
Staff member
Iterations are definable in the config (and will probably change over time).

The others are PHP defines.

You'd probably do best with an API to let XF do the auth and pass a result back.


Active member
Thanks Mike. The problem is there is no such API yet which allows me to call from Java.

Took me a while to get it working. Now that password is perfectly matched using the stored salt created by XF, I can get the demo going!

Password hashing was already strong before and much stronger now using blowfish.

The php crypt() does all the magic even for reverify the matched password but has it perform the same in Java requires some painful hit and miss trials.

No problem for the configuration of iterations. I've read the value from a config file so if it ever changes, the new value will be used.


Active member
Test it against Beta 4. Working like a charm.

Demo here: http://holdemfever.net

Sign up a free test account and log on to the game at below url using the same credentials as when you register with Xenforo


While you are signed in, you may want to play some poker hands, I launched a batch of bots so you may want to test it!

I gonna release the game soon as it is getting pretty stable now.