From 39fdf8034889d8502d1b3c8cfbaf48e545a6c739 Mon Sep 17 00:00:00 2001
From: James
Date: Mon, 6 Apr 2020 23:05:25 -0500
Subject: [PATCH] Update CreateUser.php

Updated to request and hash the user password, as well as set the user account to active.
---
 src/Commands/CreateUser.php | 134 +++++++++++++++++++++++-------------
 1 file changed, 85 insertions(+), 49 deletions(-)

diff --git a/src/Commands/CreateUser.php b/src/Commands/CreateUser.php
index 91389b40..f27a7b96 100644
--- a/src/Commands/CreateUser.php
+++ b/src/Commands/CreateUser.php
@@ -1,4 +1,6 @@ - "The username of the new user to create",
+ 'email' => "The email address of the new user to create",
+ 'password' => "The password of the new user to create"
+ ];
+
+ public function run(array $params = []) {
+ $row = [];
+
+ // Consume or prompt for username
+ $row['username'] = array_shift($params);
+ if (empty($row['username'])) {
+ $row['username'] = CLI::prompt('Username', null, 'required');
+ }
+
+ // Consume or prompt for email
+ $row['email'] = array_shift($params);
+ if (empty($row['email'])) {
+ $row['email'] = CLI::prompt('Email', null, 'required');
+ }
+
+ // Consume or prompt for password
+ $password_plain = array_shift($params);
+ if (empty($password_plain)) {
+ $password_plain = CLI::prompt('Password', null, 'required');
+ }
+ $row['password_hash'] = $this->setPassword($password_plain);
+ $row['active'] = 1;
+
+ // Save the user
+ $users = new UserModel();
+ $user = new User($row);
+
+ if ($userId = $users->insert($user)) {
+ CLI::write(lang('Auth.registerCLI', [$row['username'], $userId]), 'green');
+ } else {
+ foreach ($users->errors() as $message) {
+ CLI::write($message, 'red');
+ }
+ }
+ }
+
+ /**
+ * Automatically hashes the password when set.
+ *
+ * @see https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence
+ *
+ * @param string $password
+ */
+ public function setPassword(string $password) {
+ $config = config('Auth');
+
+ if (
+ (defined('PASSWORD_ARGON2I') && $config->hashAlgorithm == PASSWORD_ARGON2I) ||
+ (defined('PASSWORD_ARGON2ID') && $config->hashAlgorithm == PASSWORD_ARGON2ID)
+ ) {
+ $hashOptions = [
+ 'memory_cost' => $config->hashMemoryCost,
+ 'time_cost' => $config->hashTimeCost,
+ 'threads' => $config->hashThreads
+ ];
+ } else {
+ $hashOptions = [
+ 'cost' => $config->hashCost
+ ];
+ }
+
+ $password_hash = password_hash(
+ base64_encode(
+ hash('sha384', $password, true)
+ ),
+ $config->hashAlgorithm,
+ $hashOptions
+ );
+
+ return $password_hash;
+ }
- protected $usage = "auth:create_user [username] [email]";
- protected $arguments = [
- 'username' => "The username of the new user to create",
- 'email' => "The email address of the new user to create",
- ];
-
- public function run(array $params = [])
- {
- // Start with the fields required for the account to be usable
- $row = [
- 'active' => 1,
- 'password' => bin2hex(random_bytes(24)),
- ];
-
- // Consume or prompt for username
- $row['username'] = array_shift($params);
- if (empty($row['username']))
- {
- $row['username'] = CLI::prompt('Username', null, 'required');
- }
-
- // Consume or prompt for email
- $row['email'] = array_shift($params);
- if (empty($row['email']))
- {
- $row['email'] = CLI::prompt('Email', null, 'required');
- }
-
- // Run the user through the entity and save it
- $user = new User($row);
-
- $users = new UserModel();
- if ($userId = $users->insert($user))
- {
- CLI::write(lang('Auth.registerCLI', [$row['username'], $userId]), 'green');
- }
- else
- {
- foreach ($users->errors() as $message)
- {
- CLI::write($message, 'red');
- }
- }
- }
 }
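Review bot: Taking the password as a third positional argument in `run()` (`$password_plain = array_shift($params);`) leaves the plaintext in shell history and in the process list while the command runs, and the fallback `CLI::prompt('Password', null, 'required')` echoes it to the terminal. I would drop the `'password'` entry from `$arguments` and the `array_shift` for it, so the password is only ever prompted for, and read it with terminal echo turned off. The command also activates the account (`$row['active'] = 1`) with whatever was typed; no length or strength check is visible here, so it may be worth running the project's password validation before hashing, if it has one. Separately, the removed code passed `'password'` to `new User($row)`, which suggests the entity already hashes on set; if so, `$row['password'] = $password_plain;` would avoid keeping a second copy of the hashing logic in a public `setPassword()` on the command. The start of the hunk is missing from this page, so the updated `$usage` line could not be checked.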