/** * Admin locking and password hashing upgrade logic implementation * * @param EventObserver $observer * @return void * @throws \Magento\Framework\Exception\LocalizedException */ public function execute(EventObserver $observer) { $password = $observer->getEvent()->getPassword(); /** @var User $user */ $user = $observer->getEvent()->getUser(); $authResult = $observer->getEvent()->getResult(); if (!$authResult && $user->getId()) { // update locking information regardless whether user locked or not $this->_updateLockingInformation($user); } // check whether user is locked $lockExpires = $user->getLockExpires(); if ($lockExpires) { $lockExpires = new \DateTime($lockExpires); if ($lockExpires > new \DateTime()) { throw new UserLockedException(__('You did not sign in correctly or your account is temporarily disabled.')); } } if (!$authResult) { return; } $this->userResource->unlock($user->getId()); $latestPassword = $this->userResource->getLatestPassword($user->getId()); $this->_checkExpiredPassword($latestPassword); if (!$this->encryptor->validateHashVersion($user->getPassword(), true)) { $user->setPassword($password)->setData('force_new_password', true)->save(); } }
public function testGetLatestPassword() { $uid = 123; $returnData = ['password1', 'password2']; $this->resourceMock->expects($this->atLeastOnce())->method('getConnection')->willReturn($this->dbAdapterMock); $this->dbAdapterMock->expects($this->once())->method('fetchRow')->willReturn($returnData); $this->dbAdapterMock->expects($this->once())->method('select')->willReturn($this->selectMock); $this->selectMock->expects($this->atLeastOnce())->method('from')->willReturn($this->selectMock); $this->selectMock->expects($this->atLeastOnce())->method('where')->willReturn($this->selectMock); $this->selectMock->expects($this->atLeastOnce())->method('order')->willReturn($this->selectMock); $this->selectMock->expects($this->atLeastOnce())->method('limit')->willReturn($this->selectMock); $this->assertEquals($returnData, $this->model->getLatestPassword($uid)); }