
Added validate_password nd valid_password in AuthenticatorInterface a…
…nd ValidationRules
najdanovicivan committed Nov 10, 2020
1 parent 7a83429 commit 8e0ae51
Showing 4 changed files with 56 additions and 3 deletions.
10 changes: 10 additions & 0 deletions src/Authentication/AuthenticatorInterface.php
@@ -32,6 +32,16 @@ public function check(): bool;
*/
public function validate(array $credentials, bool $returnUser=false);

/**
* Validates the user password
*
* @param User $user
* @param string $password
*
* @return bool
*/
public function validate_password(User $user, string $password) : bool;

/**
* Returns the User instance for the current logged in user.
*
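Review bot: Adding `validate_password()` to `AuthenticatorInterface` forces every implementation to define it, and `LocalAuthenticator` is the only one updated on this page, so any other authenticator in the project or in downstream code would fail to load until it adds the method. The name is also snake_case next to `check()` and `validate()`; `validatePassword` would match them. The docblock only restates the signature; it would help to state the contract, for example `Checks $password against the stored hash for $user without logging the user in.`, assuming that is the intent.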
23 changes: 20 additions & 3 deletions src/Authentication/LocalAuthenticator.php
@@ -162,9 +162,7 @@ public function validate(array $credentials, bool $returnUser=false)
}

// Now, try matching the passwords.
$result = password_verify(base64_encode(
hash('sha384', $password, true)
), $user->password_hash);
$result = $this->validate_password($user, $password);

if (! $result)
{
@@ -187,4 +185,23 @@ public function validate(array $credentials, bool $returnUser=false)
: true;
}

/**
* Validates the user password
*
* @param User $user
* @param string $password
*
* @return bool
*/
public function validate_password(User $user, string $password) : bool
{
// Can't validate without a password.
if (empty($credentials['password']) || count($credentials) < 2)
{
return password_verify(base64_encode(
hash('sha384', $password, true)
), $user->password_hash);
}
}

}
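Review bot: The guard in the new `validate_password()` tests `$credentials`, which is not defined in this method (its parameters are `$user` and `$password`), so `empty($credentials['password'])` is always true and the hash comparison runs only by accident. The comment "Can't validate without a password" says the opposite of what the branch does, and if the condition were ever false the method would fall off the end and return nothing despite the `: bool` return type. Drop the copied guard and make the body the single statement `return password_verify(base64_encode(hash('sha384', $password, true)), $user->password_hash);`. The call site changed in the first hunk sits inside `validate()`, whose body starts and ends outside both hunks.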
21 changes: 21 additions & 0 deletions src/Authentication/Passwords/ValidationRules.php
@@ -60,6 +60,27 @@ public function strong_password(string $value, string &$error1 = null, array $da
return $result;
}

/**
* A validation helper method to check if the passed
* current user's password is valid
*
* @param string $password
*
* @return bool
*/
public function valid_password(string $password)
{
helper('auth');
$user = user();

if (empty($user)) {
return false;
}

$authenticate = \Config\Services::authentication();
return $authenticate->validate_password($user, $password);
}

/**
* Builds a new user instance from the global request.
*
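Review bot: `valid_password()` declares no return type although its docblock promises `bool`; `public function valid_password(string $password): bool` would make that contract enforceable. This rule calls `validate_password()` directly, so it skips the `if (! $result)` failure branch that `validate()` runs in `LocalAuthenticator`, whose body lies outside the hunk shown. If that branch records or limits failed attempts, a form using this rule lets whoever holds the session retry guesses of the current password with no such tracking; consider recording failures here as well. The enclosing class continues outside the hunk.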
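--- a/src/Language/en/Validation.php
+++ b/src/Language/en/Validation.php
@@ -0,0 +1,5 @@
+<?php
+
+return [
+'valid_password' => 'The {field} is not valid.',
+];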
