From e1cb85c6be7e5c4f91bcd276824768f3126f1a11 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Najdanovic=CC=81=20Ivan?=
Date: Fri, 8 May 2020 16:32:52 +0200
Subject: [PATCH] Added validate_password nd valid_password in AuthenticatorInterface and ValidationRules
---
 src/Authentication/AuthenticatorInterface.php | 10 ++++++++
 src/Authentication/LocalAuthenticator.php | 23 ++++++++++++++++---
 .../Passwords/ValidationRules.php | 21 +++++++++++++++++
 src/Language/en/Validation.php | 5 ++++
 4 files changed, 56 insertions(+), 3 deletions(-)
 create mode 100644 src/Language/en/Validation.php
diff --git a/src/Authentication/AuthenticatorInterface.php b/src/Authentication/AuthenticatorInterface.php
index 6ae25221..2e0f601f 100644
--- a/src/Authentication/AuthenticatorInterface.php
+++ b/src/Authentication/AuthenticatorInterface.php
@@ -32,6 +32,16 @@ public function check(): bool;
 */
 public function validate(array $credentials, bool $returnUser=false);

+ /**
+ * Validates the user password
+ *
+ * @param User $user
+ * @param string $password
+ *
+ * @return bool
+ */
+ public function validate_password(User $user, string $password) : bool;
+
 /**
 * Returns the User instance for the current logged in user.
 *
diff --git a/src/Authentication/LocalAuthenticator.php b/src/Authentication/LocalAuthenticator.php
index 6a0d14b3..0288ca43 100644
--- a/src/Authentication/LocalAuthenticator.php
+++ b/src/Authentication/LocalAuthenticator.php
@@ -161,9 +161,7 @@ public function validate(array $credentials, bool $returnUser=false)
 }

 // Now, try matching the passwords.
- $result = password_verify(base64_encode(
- hash('sha384', $password, true)
- ), $user->password_hash);
+ $result = $this->validate_password($user, $password);

 if (! $result)
 {
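Review bot: `validate_password()` is declared in snake_case, while the other interface methods visible in this hunk (`check()`, `validate()`) are plain lower-case verbs, so `validatePassword()` would read more consistently. The same name is used by the new `LocalAuthenticator` method and by the call in `ValidationRules::valid_password()`. Adding a required method to `AuthenticatorInterface` also means any authenticator implemented outside this repository stops satisfying the interface until it gains the method, which deserves a changelog note. The docblock could state the contract callers depend on, for example `Returns true only when $password matches the stored hash of $user; does not log the user in.` The interface body continues outside the hunk.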
@@ -186,4 +184,23 @@ public function validate(array $credentials, bool $returnUser=false)
 : true;
 }

+ /**
+ * Validates the user password
+ *
+ * @param User $user
+ * @param string $password
+ *
+ * @return bool
+ */
+ public function validate_password(User $user, string $password) : bool
+ {
+ // Can't validate without a password.
+ if (empty($credentials['password']) || count($credentials) < 2)
+ {
+ return password_verify(base64_encode(
+ hash('sha384', $password, true)
+ ), $user->password_hash);
+ }
+ }
+
 }
diff --git a/src/Authentication/Passwords/ValidationRules.php b/src/Authentication/Passwords/ValidationRules.php
index f6ef6d0d..8a9c1b71 100644
--- a/src/Authentication/Passwords/ValidationRules.php
+++ b/src/Authentication/Passwords/ValidationRules.php
@@ -60,6 +60,27 @@ public function strong_password(string $value, string &$error1 = null, array $da
 return $result;
 }

+ /**
+ * A validation helper method to check if the passed
+ * current user's password is valid
+ *
+ * @param string $password
+ *
+ * @return bool
+ */
+ public function valid_password(string $password)
+ {
+ helper('auth');
+ $user = user();
+
+ if (empty($user)) {
+ return false;
+ }
+
+ $authenticate = \Config\Services::authentication();
+ return $authenticate->validate_password($user, $password);
+ }
+
 /**
 * Builds a new user instance from the global request.
 *
diff --git a/src/Language/en/Validation.php b/src/Language/en/Validation.php
new file mode 100644
index 00000000..bbb84a8e
--- /dev/null
+++ b/src/Language/en/Validation.php
@@ -0,0 +1,5 @@
+ 'The {field} is not valid.',
+];
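Review bot: The guard in `LocalAuthenticator::validate_password()` tests `$credentials`, which is neither a parameter nor a local of this method, so `empty($credentials['password'])` is always true and the hash comparison runs only by accident. The comment `// Can't validate without a password.` also describes the opposite of what the branch does, and if the condition were ever false the method would fall through without a return and violate its `: bool` type. The guard looks copied from `validate()` and should be dropped, leaving the body as `return password_verify(base64_encode(hash('sha384', $password, true)), $user->password_hash);`. To fail closed on accounts without a stored hash, `if (empty($user->password_hash)) { return false; }` can precede it.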
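Review bot: `valid_password()` calls `validate_password()` directly, so whatever `LocalAuthenticator::validate()` does after a failed match (the `if (! $result)` branch, whose body is outside this diff) is skipped for every form that uses this rule. If that branch records or throttles failed attempts, a form guarded by `valid_password` would let an already-authenticated session test guesses for the current password with no accounting; please confirm, and record the failure here as well if so. The method also omits the return type its docblock promises; the signature should be `public function valid_password(string $password): bool`. The enclosing class starts and ends outside the hunk.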