/**
  * Upgrade customer password hash when customer has logged in
  *
  * @param \Magento\Framework\Event\Observer $observer
  * @return void
  */
 public function execute(\Magento\Framework\Event\Observer $observer)
 {
     $password = $observer->getEvent()->getData('password');
     /** @var \Magento\Customer\Model\Customer $model */
     $model = $observer->getEvent()->getData('model');
     $customer = $this->customerRepository->getById($model->getId());
     $customerSecure = $this->customerRegistry->retrieveSecureData($model->getId());
     if (!$this->encryptor->validateHashVersion($customerSecure->getPasswordHash(), true)) {
         $customerSecure->setPasswordHash($this->encryptor->getHash($password, true));
         $this->customerRepository->save($customer);
     }
 }
 /**
  * Admin locking and password hashing upgrade logic implementation
  *
  * @param EventObserver $observer
  * @return void
  * @throws \Magento\Framework\Exception\LocalizedException
  */
 public function execute(EventObserver $observer)
 {
     $password = $observer->getEvent()->getPassword();
     /** @var User $user */
     $user = $observer->getEvent()->getUser();
     $authResult = $observer->getEvent()->getResult();
     if (!$authResult && $user->getId()) {
         // update locking information regardless whether user locked or not
         $this->_updateLockingInformation($user);
     }
     // check whether user is locked
     $lockExpires = $user->getLockExpires();
     if ($lockExpires) {
         $lockExpires = new \DateTime($lockExpires);
         if ($lockExpires > new \DateTime()) {
             throw new UserLockedException(__('You did not sign in correctly or your account is temporarily disabled.'));
         }
     }
     if (!$authResult) {
         return;
     }
     $this->userResource->unlock($user->getId());
     $latestPassword = $this->userResource->getLatestPassword($user->getId());
     $this->_checkExpiredPassword($latestPassword);
     if (!$this->encryptor->validateHashVersion($user->getPassword(), true)) {
         $user->setPassword($password)->setData('force_new_password', true)->save();
     }
 }