/**
 * Authenticates the identity against the account module's user model.
 *
 * The record is looked up case-insensitively by username or e-mail. Account
 * state (activated / disabled) is evaluated before the password, and the
 * password check is skipped entirely when $this->skipPassword is truthy.
 *
 * NOTE(review): because the state checks run before the password check, the
 * error code tells a caller who has not proven knowledge of the password
 * whether an account exists, is activated, or is disabled. Confirm the login
 * form collapses these codes into one generic message.
 * NOTE(review): with skipPassword set this is a lookup-only login; every code
 * path that sets it must already have authenticated the user by other means.
 *
 * @return bool true when authentication succeeded (errorCode is ERROR_NONE)
 */
public function authenticate()
{
    /** @var AccountModule $account */
    $account = Yii::app()->getModule('account');
    $login = strtolower($this->username);

    /** @var AccountUser $user */
    $user = CActiveRecord::model($account->userClass)->find(
        '(LOWER(username)=? OR LOWER(email)=?)',
        array($login, $login)
    );

    // Walk the rejection reasons in order; the first one that applies wins.
    $failure = null;
    if (!$user) {
        $failure = self::ERROR_USERNAME_INVALID;
    } elseif ($account->activatedField && !$user->{$account->activatedField}) {
        $failure = self::ERROR_NOT_ACTIVATED;
    } elseif ($account->disabledField && $user->{$account->disabledField}) {
        $failure = self::ERROR_DISABLED;
    } elseif (!$this->skipPassword
        && !CPasswordHelper::verifyPassword($this->password, $user->{$account->passwordField})
    ) {
        $failure = self::ERROR_PASSWORD_INVALID;
    }

    if ($failure !== null) {
        $this->errorCode = $failure;
        return false;
    }

    $this->_id = $user->primaryKey;
    // Prefer the stored username as display name; fall back to the e-mail column.
    if ($account->usernameField && $user->{$account->usernameField}) {
        $this->username = $user->{$account->usernameField};
    } else {
        $this->username = $user->{$account->emailField};
    }
    $this->errorCode = self::ERROR_NONE;

    return true;
}
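/**
 * Validator: checks the submitted old password against the stored hash of the
 * currently logged-in user and adds an error on `oldPassword` when it differs.
 *
 * A missing user record (guest session, or the account was removed while the
 * session was still alive) is treated as a failed check instead of
 * dereferencing null.
 *
 * NOTE(review): an empty oldPassword is not reported here; a separate
 * "required" rule has to cover it, otherwise the form accepts a password
 * change without the current password. Verify against rules().
 *
 * @param mixed $attribute attribute being validated (not used by this method)
 * @param mixed $params    validator options (not used by this method)
 */
public function checkOldPassword($attribute, $params)
{
    if (empty($this->oldPassword)) {
        return;
    }

    $user = User::model()->findByAttributes(array('id' => Yii::app()->user->getId()));

    // Fail closed: no record means the old password cannot be confirmed.
    if ($user === null || !CPasswordHelper::verifyPassword($this->oldPassword, $user->password)) {
        $this->addError('oldPassword', Yii::t('ProfileModule.password', 'error.password.oldPasswordWrong'));
    }
}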
/**
 * Authenticates a user by username and password, reporting every attempt to
 * Fraudmetrix::login() before the outcome is decided.
 *
 * Decision order: a Fraudmetrix "Reject" wins over everything; then unknown
 * user, locked account ($user->state == 1), wrong password, and finally
 * success, where the user's attributes plus server/port data are stored as
 * persistent identity states and afterLogin() is called.
 *
 * NOTE(review): array_merge($user->getAttributes(), ...) copies every column of
 * the user row into the persistent states, including `password`, which this
 * method reads as the stored hash. Confirm the hash is not needed in the
 * session; if cookie-based auto-login is enabled, identity states may also end
 * up in the login cookie.
 * NOTE(review): the distinct messages for unknown user, locked account and
 * wrong password let an unauthenticated caller probe account existence and
 * lock state if they are shown verbatim.
 *
 * @return bool true when errorCode ends up as ERROR_NONE
 */
public function authenticate()
{
    $user = User::model()->with('service')->find('username=:u', ['u' => $this->username]);

    $verifyPassword = empty($user)
        ? false
        : CPasswordHelper::verifyPassword($this->password, $user->password);

    // 0 = credentials matched, 1 = anything else; this is what the fraud service is told.
    $state = $verifyPassword ? 0 : 1;
    $result = Fraudmetrix::login($this->username, $state);

    if ($result['success'] == true && $result['final_decision'] == 'Reject') {
        $this->errorCode = self::ERROR_UNKNOWN_IDENTITY;
        $this->errorMessage = '未知错误';
    } elseif (empty($user)) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        $this->errorMessage = '用户邮箱不存在';
    } elseif ($user->state == 1) {
        $this->errorCode = self::ERROR_NOT_LOGIN;
        $this->errorMessage = '登录账号已被锁定';
    } elseif (!$verifyPassword) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        $this->errorMessage = '用户密码错误';
    } else {
        $server = Setting::model()->get('wakfu', 'server');
        $this->errorCode = self::ERROR_NONE;

        $extraStates = [
            'last_login_time' => $user->last_login_time,
            'last_login_ip' => $user->last_login_ip,
            'sign_up_time' => $user->sign_up_time,
            'sign_up_ip' => $user->sign_up_ip,
            'server' => $server[$user->service->server],
            'port' => $user->service->port,
        ];
        $this->setPersistentStates(array_merge($user->getAttributes(), $extraStates));
        $this->afterLogin($user);
    }

    return !$this->errorCode;
}
/**
 * Authenticates by username/password and stores the role, display name and
 * the computed access list as identity states.
 *
 * The access list starts from AccessGlobal::getAction('0') for the
 * 'superadmin' role and AccessGlobal::getAction('1') for every other role.
 * For the 'user' and 'admin' roles its 'site' entry is narrowed to the actions
 * assigned to that user.
 *
 * NOTE(review): a role other than 'superadmin', 'user' or 'admin' keeps the
 * un-narrowed getAction('1') list. Confirm no such role can be stored, or that
 * the wide list is intended for it.
 *
 * @return bool true when errorCode ends up as ERROR_NONE
 */
public function authenticate()
{
    $record = User::model()->findByAttributes(array('username' => $this->username));

    if ($record === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    if (!CPasswordHelper::verifyPassword($this->password, $record->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        return !$this->errorCode;
    }

    $access = AccessGlobal::getAction($record->role == 'superadmin' ? '0' : '1');

    // Both restricted roles get the same per-user narrowing of the site actions.
    foreach (array('user', 'admin') as $restrictedRole) {
        if ($record->role == $restrictedRole) {
            $access['site'] = array_intersect(
                $access['site'],
                AccessGlobal::getActionFromArrayId(AccessUser::getActionIdFromUser($record->user_id))
            );
        }
    }

    $this->_id = $record->user_id;
    $this->setState('role', $record->role);
    $this->setState('name', $this->username);
    $this->setState('access', $access);
    $this->errorCode = self::ERROR_NONE;

    return !$this->errorCode;
}
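/**
 * Validator: confirms that oldPassword matches the stored hash of the
 * currently logged-in user.
 *
 * When no user record can be loaded for the session id (guest, or the account
 * was deleted meanwhile) the check fails instead of dereferencing null.
 *
 * @param string $attrbutes attribute name the error is attached to
 * @param array  $params    validator options; `message` is used as the error text
 */
public function confirm($attrbutes, $params)
{
    $user = User::model()->findByPk(Yii::app()->user->getId());

    // Fail closed: without a record the old password cannot be confirmed.
    if ($user === null || !CPasswordHelper::verifyPassword($this->oldPassword, $user->password)) {
        $this->addError($attrbutes, $params['message']);
    }
}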
/**
 * Verifies this object's password against the hash stored on $user.
 *
 * NOTE(review): when $user->password is empty (or another falsy value such as
 * '0') the method returns true without checking anything, i.e. it fails open.
 * If accounts without a local password can exist, confirm that no login path
 * relies on this return value for them.
 *
 * @param object $user record exposing a `password` property with the stored hash
 * @return bool result of CPasswordHelper::verifyPassword(), or true when no hash is stored
 */
public function validatePassword($user)
{
    $storedHash = $user->password;
    if (!$storedHash) {
        return true;
    }

    return CPasswordHelper::verifyPassword($this->password, $storedHash);
}
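/**
 * Change-password action for the logged-in user.
 *
 * On POST the form is validated, the current password is verified against the
 * stored hash, and the new password is hashed and saved when it matches its
 * confirmation. The view is rendered only for logged-in users.
 *
 * Changes compared with the loose original:
 *  - the new password and its confirmation are compared with ===, because ==
 *    treats numeric-looking strings such as "1e3" and "1000" as equal;
 *  - a missing Usuario record is handled like a wrong current password rather
 *    than dereferencing null.
 *
 * NOTE(review): guests get no output at all from this action; access is
 * presumably restricted by a filter elsewhere. TODO confirm.
 * NOTE(review): other sessions of the user stay valid after the change;
 * consider invalidating them if the application supports it.
 */
public function actionCambiarClave()
{
    $form = new CambiarClaveForm();

    if (!isset(Yii::app()->user->id)) {
        return;
    }

    if (isset($_POST['CambiarClaveForm'])) {
        $form->attributes = $_POST['CambiarClaveForm'];

        if ($form->validate()) {
            $usuario = Usuario::model()->findByPk(Yii::app()->user->id);

            if ($usuario === null || !CPasswordHelper::verifyPassword($form->clave, $usuario->clave)) {
                // Fail closed: unknown record or wrong current password.
                $form->addError('clave', "clave incorrecta");
            } elseif ($form->nueva === $form->repita) {
                $usuario->clave = CPasswordHelper::hashPassword($form->nueva);
                if ($usuario->save()) {
                    Yii::app()->user->setFlash('profileMessage', "Clave cambiada correctamente.");
                } else {
                    Yii::app()->user->setFlash('profileMessage', "No se pudo cambiar la clave, inténtelo de nuevo más tarde.");
                }
                $this->refresh();
            } else {
                $form->addError('nueva', "claves nuevas no coinciden");
                $form->addError('repita', "claves nuevas no coinciden");
            }
        }
    }

    $this->render('//site/cambiarClave', array('model' => $form));
}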
/**
 * Validator: adds an error on `password` when the submitted password does not
 * match the hash of the user object held by the current controller.
 *
 * NOTE(review): the record comes from Yii::app()->controller->user; this
 * assumes the controller has already loaded the right account. Verify against
 * the controller.
 */
public function authenticate()
{
    $account = Yii::app()->controller->user;
    $matches = CPasswordHelper::verifyPassword($this->password, $account->password);

    if ($matches === false) {
        $this->addError('password', 'Error password');
    }
}
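/**
 * Overrides the parent method: authenticates by e-mail and password and, on
 * success, logs the identity in through Yii::app()->user->login().
 *
 * The original initialised errorCode to ERROR_NONE and left it there when
 * username or password was not set, so an identity without credentials
 * reported "no error". Missing credentials are now rejected explicitly and
 * ERROR_NONE is assigned only after the password has been verified.
 *
 * @return integer the resulting error code (ERROR_NONE on success)
 */
public function authenticate()
{
    if (!isset($this->username)) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return $this->errorCode;
    }
    if (!isset($this->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        return $this->errorCode;
    }

    $this->user = User::model()->findByAttributes(array('email' => $this->username));

    if (!isset($this->user)) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        //TODO: write a log here
    } elseif ($this->user->status != User::STATUS_ACTIVE) {
        $this->errorCode = self::ERROR_USERNAME_INACTIVE;
        //TODO: write a log here
    } elseif (!CPasswordHelper::verifyPassword($this->password, $this->user->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        //TODO: write a log here
    } else {
        // errorCode must be ERROR_NONE before login() is handed this identity.
        $this->errorCode = self::ERROR_NONE;
        Yii::app()->user->login($this);
        //TODO: write a log here
    }

    return $this->errorCode;
}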
/**
 * Validator declared as 'authenticate' in rules(): checks old_password against
 * the stored hash of the logged-in user.
 *
 * The check runs only when the model has no earlier validation errors.
 *
 * @param string $attribute attribute being validated (not used by this method)
 * @param array  $params    validator options (not used by this method)
 */
public function authenticate($attribute, $params)
{
    if ($this->hasErrors()) {
        return;
    }

    $storedHash = Yii::app()->user->user->password;
    if (!CPasswordHelper::verifyPassword($this->old_password, $storedHash)) {
        $this->addError('old_password', Yii::t("app", "Le mot de passe actuel entré est incorrect."));
    }
}
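/**
 * Validator: checks the value of $attribute against the stored hash of the
 * user identified by $this->id.
 *
 * A missing user record now counts as a failed check instead of causing a
 * null dereference.
 *
 * @param string $attribute name of the model attribute holding the old password
 * @return bool|null true on a match; otherwise an error is added on
 *                   'oldpassword' and nothing is returned
 */
public function compareOldPassword($attribute)
{
    $userlogin = User::model()->findByPk($this->id);

    if ($userlogin !== null && CPasswordHelper::verifyPassword($this->{$attribute}, $userlogin->password)) {
        return true;
    }

    $this->addError('oldpassword', 'Password Lama yang anda masukkan salah');
}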
/**
 * Authenticates by e-mail and password.
 *
 * Unknown e-mail and wrong password both yield ERROR_PASSWORD_INVALID, so the
 * error code does not reveal whether the address is registered.
 *
 * NOTE(review): the lookup accepts STATUS_NORMAL and STATUS_BANNED, so a
 * banned account authenticates successfully here; the ban is presumably
 * enforced later. TODO confirm.
 * NOTE(review): no hash is computed when the user is unknown, so response time
 * may still differ between the two cases.
 *
 * @return bool true when errorCode ends up as ERROR_NONE
 */
public function authenticate()
{
    $user = User::model()->findByAttributes(array(
        'email' => $this->username,
        'status' => array(User::STATUS_NORMAL, User::STATUS_BANNED),
    ));

    $credentialsOk = $user !== null
        && CPasswordHelper::verifyPassword($this->password, $user->password) !== false;

    if ($credentialsOk) {
        $this->id = $user->id;
        $this->errorCode = self::ERROR_NONE;
    } else {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    }

    return !$this->errorCode;
}
/**
 * Authenticates a user against the User table.
 *
 * The record is looked up by exact username and the submitted password is
 * verified against the stored hash with CPasswordHelper::verifyPassword().
 *
 * NOTE(review): unknown username and wrong password produce different error
 * codes; showing them verbatim lets a caller enumerate usernames.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    /** @var User $user */
    $user = User::model()->findByAttributes(array('username' => $this->username));

    if ($user === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    $passwordOk = CPasswordHelper::verifyPassword($this->password, $user->password);
    if ($passwordOk) {
        $this->_id = $user->id;
        $this->errorCode = self::ERROR_NONE;
    } else {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    }

    return !$this->errorCode;
}
/**
 * Authenticates by exact username and password hash verification.
 *
 * On success the record id is stored in $this->_id.
 *
 * @return bool true when errorCode ends up as ERROR_NONE
 */
public function authenticate()
{
    $record = User::model()->findByAttributes(['username' => $this->username]);

    if ($record === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif (CPasswordHelper::verifyPassword($this->password, $record->password)) {
        $this->_id = $record->id;
        $this->errorCode = self::ERROR_NONE;
    } else {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    }

    return !$this->errorCode;
}
/**
 * Authenticates a user with a case-insensitive username lookup.
 *
 * On success $this->username is replaced by the spelling stored in the
 * database, so later code sees the canonical name.
 *
 * NOTE(review): strtolower() works byte-wise while LOWER() runs in the
 * database; for non-ASCII usernames the two may fold case differently.
 * Verify if such names are allowed.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    $needle = strtolower($this->username);
    $user = User::model()->find('LOWER(username)=?', array($needle));

    if ($user === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif (CPasswordHelper::verifyPassword($this->password, $user->password)) {
        $this->_id = $user->id;
        $this->username = $user->username;
        $this->errorCode = self::ERROR_NONE;
    } else {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    }

    return $this->errorCode == self::ERROR_NONE;
}
/**
 * Authenticates against the Usuario table (column `user`, hash in `clave`).
 *
 * On success the record id is kept in $this->_id and the `nombre` and `rol`
 * columns are stored as identity states.
 *
 * @return bool true when errorCode ends up as ERROR_NONE
 */
public function authenticate()
{
    $record = Usuario::model()->findByAttributes(array('user' => $this->username));

    if ($record === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    if (!CPasswordHelper::verifyPassword($this->password, $record->clave)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        return !$this->errorCode;
    }

    $this->_id = $record->id;
    foreach (array('nombre', 'rol') as $field) {
        $this->setState($field, $record->{$field});
    }
    $this->errorCode = self::ERROR_NONE;

    return !$this->errorCode;
}
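/**
 * Authenticates an employee by name and password.
 *
 * The original hashed $record->password before checking $record for null, so
 * an unknown name dereferenced null instead of producing
 * ERROR_USERNAME_INVALID. The null check now comes first.
 *
 * NOTE(review): the stored `password` column is hashed at login time and the
 * submitted password is verified against that fresh hash. This only works if
 * the column holds the plaintext password. Store
 * CPasswordHelper::hashPassword() output instead and verify against the stored
 * value directly.
 *
 * @return bool true when errorCode ends up as ERROR_NONE
 */
public function authenticate()
{
    $record = Employee::model()->findByAttributes(array('name' => $this->username));

    if ($record === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    // Kept for compatibility with the existing data; see the NOTE above.
    $hash = CPasswordHelper::hashPassword($record->password);

    if (!CPasswordHelper::verifyPassword($this->password, $hash)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        $this->_id = $record->employee_id;
        $this->setState('title', $record->name);
        $this->errorCode = self::ERROR_NONE;
    }

    return !$this->errorCode;
}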
/**
 * Authenticates an administrator (a User row with state == 2), reporting
 * every attempt to Fraudmetrix::login() before the outcome is decided.
 *
 * Decision order: a Fraudmetrix "Reject" wins; then unknown or non-admin
 * account, wrong password, and finally success, where role names, group names
 * and the user's attributes are stored as persistent states and afterLogin()
 * is called.
 *
 * NOTE(review): array_merge($admin->getAttributes(), ...) copies every column
 * of the user row into the persistent states, including `password`, which this
 * method reads as the stored hash. Confirm the hash is not needed in the
 * session.
 *
 * @return bool true when errorCode ends up as ERROR_NONE
 */
public function authenticate()
{
    $admin = User::model()->with('userRoles', 'userGroups')->find('`t`.`username`=:u', ['u' => $this->username]);

    // Regular users are not allowed to log in to the admin system.
    $isAdminAccount = !empty($admin) && $admin->state == 2;

    $verifyPassword = $isAdminAccount
        ? CPasswordHelper::verifyPassword($this->password, $admin->password)
        : false;

    // 0 = credentials matched, 1 = anything else; this is what the fraud service is told.
    $state = $verifyPassword ? 0 : 1;
    $result = Fraudmetrix::login($this->username, $state);

    if ($result['success'] == true && $result['final_decision'] == 'Reject') {
        $this->errorCode = self::ERROR_UNKNOWN_IDENTITY;
        $this->errorMessage = '未知错误';
    } elseif (!$isAdminAccount) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        $this->errorMessage = '用户名不存在';
    } elseif (!$verifyPassword) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        $this->errorMessage = '用户密码错误';
    } else {
        $this->errorCode = self::ERROR_NONE;

        $role = [];
        foreach ($admin->getRelated('userRoles') as $userRole) {
            $roleRecord = $userRole->getRelated('role');
            if ($roleRecord) {
                $role[] = $roleRecord->name;
            }
        }

        $group = [];
        foreach ($admin->getRelated('userGroups') as $userGroup) {
            $groupRecord = $userGroup->getRelated('group');
            if ($groupRecord) {
                $group[] = $groupRecord->name;
            }
        }

        $extraStates = array(
            'last_login_time' => $admin->last_login_time,
            'last_login_ip' => $admin->last_login_ip,
            'sign_up_time' => $admin->sign_up_time,
            'sign_up_ip' => $admin->sign_up_ip,
            'role' => $role,
            'group' => $group,
        );
        $this->setPersistentStates(array_merge($admin->getAttributes(), $extraStates));
        $this->afterLogin($admin);
    }

    return !$this->errorCode;
}
/**
 * Authenticates a user against the Users model.
 *
 * When the application parameter `reserveLogin` is non-empty, the whole check
 * is delegated to $this->reserveLogin(). Otherwise the user is looked up by
 * username, must have a verified e-mail, and must present a password matching
 * the stored hash.
 *
 * NOTE(review): `reserveLogin` replaces the normal credential check through
 * configuration alone. Confirm what reserveLogin() accepts and that the
 * parameter cannot be enabled unintentionally in production.
 * NOTE(review): the e-mail-verified check runs before the password check, so
 * ERROR_EMAIL_UNVERIFIED is returned to callers who have not proven knowledge
 * of the password.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    if (!empty(Yii::app()->params['reserveLogin'])) {
        return $this->reserveLogin();
    }

    $user = Users::model()->getUserByUsername($this->username);

    if (empty($user)) {
        $code = self::ERROR_USERNAME_INVALID;
    } elseif (empty($user->email_verified)) {
        $code = self::ERROR_EMAIL_UNVERIFIED;
    } elseif (!CPasswordHelper::verifyPassword($this->password, $user->password)) {
        $code = self::ERROR_PASSWORD_INVALID;
    } else {
        $code = self::ERROR_NONE;
        $this->_id = (int) $user->id;
    }

    $this->errorCode = $code;

    return !$this->errorCode;
}
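/**
 * Authenticates by login name and password.
 *
 * The original copied $user->active before checking $user for null, so an
 * unknown login dereferenced null. The null check now comes first and
 * $this->active is populated only when a record was found.
 *
 * NOTE(review): besides the hash verification, the login also succeeds when
 * the submitted password is byte-identical to the stored `password` value.
 * If that column holds a hash, anyone who obtains the hash can log in with it
 * directly; if it holds plaintext, passwords are stored unhashed. This
 * fallback is left in place because other code may depend on it; it should be
 * removed once that is checked.
 * NOTE(review): $this->active is copied but not evaluated here; an inactive
 * account still authenticates unless the caller checks it.
 *
 * @return bool true when errorCode ends up as ERROR_NONE
 */
public function authenticate()
{
    $user = User::model()->findByAttributes(array('login' => $this->username));

    if ($user === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return !$this->errorCode;
    }

    $this->active = $user->active;

    $hashMatches = CPasswordHelper::verifyPassword($this->password, $user->password);
    // Legacy fallback: accept the stored value itself as the password (see NOTE above).
    $rawMatches = $this->password === $user->password;

    if (!$hashMatches && !$rawMatches) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        $this->_id = $user->id;
        $this->errorCode = self::ERROR_NONE;
    }

    return !$this->errorCode;
}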
/**
 * Authenticates a Usuario by e-mail and password.
 *
 * The password is verified before the account status is looked at, so the
 * inactive-account message is only reachable with a correct password. On
 * success the id is stored and the full name is saved as the `name` state.
 *
 * NOTE(review): the message for an unknown e-mail differs from the one for a
 * wrong password; if errorMessage is displayed as-is it confirms which
 * addresses are registered.
 *
 * @return bool true when errorCode is ERROR_NONE
 */
public function authenticate()
{
    $usuario = Usuario::model()->findByAttributes(['email' => $this->username]);

    if ($usuario === null) {
        $code = self::ERROR_USERNAME_INVALID;
        $message = 'Nenhum usuário cadastrado com o e-mail informado.';
    } elseif (!CPasswordHelper::verifyPassword($this->password, $usuario->senha)) {
        $code = self::ERROR_PASSWORD_INVALID;
        $message = 'A senha digitada não confere parece correta.';
    } elseif ($usuario->situacao === Usuario::SIT_INATIVO) {
        $code = self::ERROR_USERNAME_INVALID;
        $message = 'Desculpe! Essa conta não pode ser acessada no momento.';
    } else {
        $this->_id = $usuario->id;
        $this->setState('name', implode(' ', [$usuario->pnome, $usuario->snome]));
        $code = self::ERROR_NONE;
        $message = 'Identidade confirmada!';
    }

    $this->errorCode = $code;
    $this->errorMessage = $message;

    return $this->errorCode === self::ERROR_NONE;
}
/**
 * Authenticates by username and password, then rejects accounts whose
 * status is 0.
 *
 * Unlike the usual convention this method returns the error code itself, not
 * a boolean.
 *
 * NOTE(review): callers must compare the result with ERROR_NONE; treating it
 * as a boolean would invert the meaning if ERROR_NONE is 0.
 *
 * @return int the resulting error code
 */
public function authenticate()
{
    $finder = new User();
    $user = $finder->model()->findByAttributes(array('username' => $this->username));

    if ($user === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
        return $this->errorCode;
    }

    if (!CPasswordHelper::verifyPassword($this->password, $user->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
        return $this->errorCode;
    }

    // The status is checked only after the password matched.
    if ($user->status == 0) {
        $this->errorCode = self::ERROR_USERNAME_NOT_ACTIVE;
        return $this->errorCode;
    }

    $this->_id = $user->id;
    $this->username = $user->username;
    $this->setState('username', $user->username);
    $this->errorCode = self::ERROR_NONE;

    return $this->errorCode;
}
/**
 * Authenticates a user by login name and password.
 *
 * On success the id is stored, several profile columns are copied into
 * identity states, and the session key `autorize` is set to true.
 *
 * NOTE(review): `autorize` is set for every successful login, whatever
 * role_admin says. The original comment ties it to the CKEditor file manager;
 * confirm that the file manager does its own authorisation and does not treat
 * this flag as sufficient.
 *
 * @return boolean whether authentication succeeds.
 */
public function authenticate()
{
    $record = User::model()->findByAttributes(array('login' => $this->username));

    if ($record === null) {
        $this->errorCode = self::ERROR_USERNAME_INVALID;
    } elseif (!CPasswordHelper::verifyPassword($this->password, $record->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        $this->_id = $record->id;

        // state name => source column; `admin` and `role_admin` carry the same value.
        $stateColumns = array(
            'name' => 'login',
            'admin' => 'role_admin',
            'last_name' => 'last_name',
            'middle_name' => 'middle_name',
            'first_name' => 'first_name',
            'role_admin' => 'role_admin',
        );
        foreach ($stateColumns as $stateName => $column) {
            $this->setState($stateName, $record->{$column});
        }

        $this->errorCode = self::ERROR_NONE;
        // For the file manager in CKEditor.
        Yii::app()->session['autorize'] = true;
    }

    return !$this->errorCode;
}
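/**
 * Authenticates a YumUser by username, optionally falling back to a lookup by
 * profile e-mail, and rejects inactive, banned and removed accounts.
 *
 * The original returned the constant ERROR_STATUS_USER_DOES_NOT_EXIST when no
 * user was found, while every other path returns a boolean. A caller testing
 * the return value for truth would have read that as success. The constant is
 * now stored in errorCode and false is returned.
 *
 * NOTE(review): this assumes ERROR_STATUS_USER_DOES_NOT_EXIST is non-zero like
 * the other error codes. Verify against the class constants.
 * NOTE(review): with $without_password set, no credential is checked at all;
 * every caller passing true must have authenticated the user another way.
 * NOTE(review): the account status is reported before the password is
 * checked, so status codes are visible to callers without the password.
 *
 * @param bool $without_password skip the password check when true
 * @return bool true when errorCode is empty after the checks
 */
public function authenticate($without_password = false)
{
    $user = YumUser::model()->find('username = :username', array(':username' => $this->username));

    // Try to authenticate via e-mail when the profile module allows it.
    if (Yum::hasModule('profile') && Yum::module()->loginType & UserModule::LOGIN_BY_EMAIL && !$user) {
        $profile = YumProfile::model()->find('email = :email', array(':email' => $this->username));
        if ($profile && $profile->user) {
            $user = $profile->user;
        }
    }

    if (!$user) {
        $this->errorCode = self::ERROR_STATUS_USER_DOES_NOT_EXIST;
        return false;
    }

    if ($user->status == YumUser::STATUS_INACTIVE) {
        $this->errorCode = self::ERROR_STATUS_INACTIVE;
    } elseif ($user->status == YumUser::STATUS_BANNED) {
        $this->errorCode = self::ERROR_STATUS_BANNED;
    } elseif ($user->status == YumUser::STATUS_REMOVED) {
        $this->errorCode = self::ERROR_STATUS_REMOVED;
    } elseif ($without_password) {
        $this->credentialsConfirmed($user);
    } elseif (!CPasswordHelper::verifyPassword($this->password, $user->password)) {
        $this->errorCode = self::ERROR_PASSWORD_INVALID;
    } else {
        $this->credentialsConfirmed($user);
    }

    return !$this->errorCode;
}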
/**
 * Local (database) authentication used for the 'RBAC' auth mode.
 *
 * On failure a copy of $this->objerror carrying a title and message is
 * appended to $this->objerrors. On success the id is stored and the `name`
 * and `authmode` states are set.
 *
 * NOTE(review): the wrong-password message embeds the submitted username; it
 * must be HTML-escaped wherever objerrors is rendered.
 *
 * @return bool true when the credentials matched
 */
private function authenticaterbac()
{
    $record = User::model()->findByAttributes(array('username' => $this->username));

    $failureMessage = null;
    if ($record === null) {
        $failureMessage = 'Неправельное имя пользователя';
    } elseif (!CPasswordHelper::verifyPassword($this->password, $record->password)) {
        $failureMessage = 'Неверный пароль пользователя "' . $this->username . '"';
    }

    if ($failureMessage !== null) {
        // The shared error object is filled in and then cloned into the list.
        $this->objerror->title = 'Локальная авторизация';
        $this->objerror->message = $failureMessage;
        $this->objerrors[] = clone $this->objerror;

        return false;
    }

    $this->_id = $record->id;
    $this->setState('name', $record->username);
    $this->setState('authmode', 'RBAC');

    return true;
}
/**
 * Checks a plaintext string against a stored password hash.
 *
 * Thin wrapper around \CPasswordHelper::verifyPassword(); the comparison
 * itself is delegated entirely to that helper.
 *
 * @param string $string     the plaintext candidate
 * @param string $storedHash the hash to verify against
 *
 * @return bool whether the string matches the hash
 */
public function checkPassword($string, $storedHash)
{
    $matches = \CPasswordHelper::verifyPassword($string, $storedHash);

    return $matches;
}
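/**
 * Checks the user's password using the scheme configured in the
 * `base`/`encrypt` setting.
 *
 * 'md5' compares md5($password) with the stored value; 'crypt' verifies with
 * CPasswordHelper::verifyPassword(). Any other value, or a missing setting
 * row, raises a 500 error.
 *
 * The md5 branch now uses CPasswordHelper::same(), whose timing does not
 * depend on where the two strings differ, instead of strcmp().
 *
 * NOTE(review): unsalted MD5 is not a password hash and is cheap to
 * brute-force. Accounts still on the 'md5' scheme should be re-hashed with
 * CPasswordHelper::hashPassword() on their next successful login.
 *
 * @param string $password the plaintext password to check
 * @return bool whether the password matches
 * @throws CHttpException when the configured method is unknown or not configured
 */
public function validatePassword($password)
{
    // Determine which scheme the stored passwords use.
    $settings = Setting::model()->find(
        'scope = :scope AND variable = :variable',
        array(':scope' => 'base', ':variable' => 'encrypt')
    );
    $method = $settings === null ? null : $settings->value;

    switch ($method) {
        case 'md5':
            return CPasswordHelper::same(md5($password), $this->password);
        case 'crypt':
            return CPasswordHelper::verifyPassword($password, $this->password);
        default:
            throw new CHttpException(500, 'Unknown Encrypt Method!');
    }
}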
/**
 * Checks a plaintext password against the stored PASSWORD column.
 *
 * The stored value is hashed with CPasswordHelper::hashPassword() on every
 * call and md5($password) is then verified against that fresh hash.
 *
 * NOTE(review): this only succeeds if PASSWORD holds the MD5 digest of the
 * password, so the database keeps unsalted MD5. Hashing at verification time
 * adds cost without protecting the stored data; consider migrating the column
 * to CPasswordHelper::hashPassword() output.
 *
 * @param string $password the plaintext password to check
 * @return bool whether the password matches
 */
public function validatePassword($password)
{
    $wrappedStoredValue = CPasswordHelper::hashPassword($this->PASSWORD);
    $candidateDigest = md5($password);

    return CPasswordHelper::verifyPassword($candidateDigest, $wrappedStoredValue);
}
/**
 * Checks whether the given password matches this record's stored hash.
 *
 * @param string $password the password to be validated
 * @return boolean whether the password is valid
 */
public function validatePassword($password)
{
    $storedHash = $this->password;

    return CPasswordHelper::verifyPassword($password, $storedHash);
}
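/**
 * Deletes a user by setting the status to 'deleted'.
 *
 * Administrators may delete any account except their own. Everyone else may
 * delete only their own account, and only after confirming their password.
 *
 * Changes compared with the original:
 *  - a non-admin request naming another user's id is rejected with 403; the
 *    original loaded that user and verified the confirmation against the
 *    other account's password;
 *  - an unknown id yields 404 instead of dereferencing null;
 *  - a non-string confirmPassword counts as a wrong confirmation.
 *
 * NOTE(review): the admin branch deletes on any request method. Confirm that
 * a controller filter restricts this action to POST with CSRF validation.
 *
 * @param mixed $id id of the account to delete; defaults to the current user
 * @throws CHttpException 403 for a foreign id from a non-admin, 404 for an unknown id
 */
public function actionDelete($id = null)
{
    $currentId = Yii::app()->user->id;
    $isAdmin = Yii::app()->user->isAdmin();

    if (!$id) {
        $id = $currentId;
    }

    // Only administrators may act on an account other than their own.
    if (!$isAdmin && $id != $currentId) {
        throw new CHttpException(403, 'You are not allowed to delete this account');
    }

    $user = YumUser::model()->findByPk($id);
    if ($user === null) {
        throw new CHttpException(404, 'The requested user does not exist');
    }

    if ($isAdmin) {
        // Guard against an administrator removing their own account.
        if ($user->id == $currentId) {
            Yum::setFlash('You can not delete your own admin account');
            $this->redirect(array('//user/user/admin'));
        }
        if ($user->delete()) {
            Yum::setFlash('The User has been deleted');
            if (!Yii::app()->request->isAjaxRequest) {
                $this->redirect('//user/user/admin');
            }
        }
    } elseif (isset($_POST['confirmPassword'])) {
        $confirmation = $_POST['confirmPassword'];

        if (is_string($confirmation) && CPasswordHelper::verifyPassword($confirmation, $user->password)) {
            if ($user->delete()) {
                Yii::app()->user->logout();
                $this->actionLogout();
            } else {
                Yum::setFlash('Error while deleting Account. Account was not deleted');
            }
        } else {
            Yum::setFlash('Wrong password confirmation! Account was not deleted');
        }
        $this->redirect(Yum::module()->deleteUrl);
    }

    $this->render('confirmDeletion', array('model' => $user));
}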