public static function setUpBeforeClass()
{
parent::setUpBeforeClass();
\Rhubarb\Crown\Encryption\HashProvider::SetHashProviderClassName("Rhubarb\\Crown\\Encryption\\Sha512HashProvider");
$user = new \Rhubarb\Stem\Tests\Fixtures\User();
$user->Username = "******";
$user->Password = '******';
$user->Active = false;
$user->save();
$user = new \Rhubarb\Stem\Tests\Fixtures\User();
$user->Username = "******";
$user->Password = '******';
$user->Active = true;
// This secret property is used to test the model object is returned correctly.
$user->SecretProperty = "111222";
$user->save();
// This rogue entry is to make sure that we can't login with no username
// even if there happens to be someone with no username.
$user = new \Rhubarb\Stem\Tests\Fixtures\User();
$user->Username = "";
$user->Password = "";
$user->save();
}
public function login($username, $password)
{
// We don't allow spaces around our usernames and passwords
$username = trim($username);
$password = trim($password);
if ($username == "") {
throw new LoginFailedException();
}
$list = new Collection($this->modelClassName);
$list->filter(new Equals($this->usernameColumnName, $username));
if (!sizeof($list)) {
throw new LoginFailedException();
}
$hashProvider = HashProvider::getHashProvider();
// There should only be one user matching the username. It would be possible to support
// unique *combinations* of username and password but it's a potential security issue and
// could trip us up when supporting the project.
if (sizeof($list) > 1) {
throw new LoginFailedException();
}
$user = $list[0];
$this->checkUserIsPermitted($user);
// Test the password matches.
$userPasswordHash = $user[$this->passwordColumnName];
if ($hashProvider->compareHash($password, $userPasswordHash)) {
// Matching login - but is it enabled?
if ($this->isModelActive($user)) {
$this->LoggedIn = true;
$this->LoggedInUserIdentifier = $user->getUniqueIdentifier();
$this->storeSession();
return true;
} else {
throw new LoginDisabledException();
}
}
throw new LoginFailedException();
}
protected function registerDependantModules()
{
Module::registerModule(new LayoutModule('\\Project\\Liberty\\Layouts\\DefaultLayout'));
HashProvider::setHashProviderClassName('Rhubarb\\Crown\\Encryption\\Sha512HashProvider');
}
protected function registerDependantModules()
{
Module::registerModule(new LayoutModule('\\Your\\WebApp\\Layouts\\DefaultLayout'));
Module::registerModule(new AuthenticationWithRolesModule(CustomLoginProvider::class));
HashProvider::setHashProviderClassName('Rhubarb\\Crown\\Encryption\\Sha512HashProvider');
}
