Example #1
 /**
  * Return the CSRF token for the current session, creating one on first use.
  *
  * A value already stored under $_SESSION['csrf_token'] is returned unchanged,
  * so the token is not rotated by this method for as long as that entry exists.
  *
  * @return mixed The stored token; a newly created one is whatever
  *               NeechySecurity::random_hex(40) returns.
  */
 private static function set_csrf_token_if_not_set()
 {
     # Reuse the token already bound to this session.
     if (isset($_SESSION['csrf_token'])) {
         return $_SESSION['csrf_token'];
     }

     # NOTE(review): the token's unpredictability rests entirely on random_hex();
     # confirm it draws from a CSPRNG (its implementation is not visible here).
     # NOTE(review): the code that checks a submitted token is not shown either;
     # verify it uses a constant-time comparison such as hash_equals().
     $fresh_token = NeechySecurity::random_hex(40);
     $_SESSION['csrf_token'] = $fresh_token;

     return $fresh_token;
 }
Example #2
 /**
  * Create the accounts needed at install time: the system user and, when an
  * App Engine user is signed in, an owner account for that user.
  *
  * Both accounts receive a password from NeechySecurity::random_hex() that is
  * neither returned nor displayed by this method.
  *
  * @return array Two elements: the system User, then the owner User or null
  *               when AppAuthService::user() returned a falsy value.
  */
 public static function create_on_install()
 {
     # System account. The generated password is discarded right after being
     # set, so a password login to it requires a later reset.
     # NOTE(review): assumes set_password() hashes before save() persists the
     # record -- confirm in User.
     $system_account = new User(array(
         'name' => NEECHY_USER,
         'email' => '*****@*****.**',
         'status' => self::$STATUS_LEVELS['NEW'],
     ));
     $system_account->set_password(NeechySecurity::random_hex());
     $system_account->save();

     # Owner account, derived from whoever is currently signed in (if anyone).
     $owner_account = null;
     $signed_in_user = AppAuthService::user();
     if ($signed_in_user) {
         # Name and e-mail come straight from the auth service's user object.
         $owner_account = new User(array(
             'name' => $signed_in_user->getNickname(),
             'email' => $signed_in_user->getEmail(),
             'status' => self::$STATUS_LEVELS['NEW'],
         ));
         # As with the system account, this random password is never disclosed.
         $owner_account->set_password(NeechySecurity::random_hex());
         $owner_account->save();
     }

     return array($system_account, $owner_account);
 }
Example #3
    /**
     * Interactively create the admin account during a console install.
     *
     * Prompts for a user name and then an e-mail address, allowing five failed
     * validations for each. Once both validate, the account is registered with
     * a password from NeechySecurity::random_hex() and that password is
     * printed once so the operator can log in and replace it.
     *
     * @throws NeechyInstallError When the name or the e-mail fails validation
     *                            five times.
     */
    protected function create_admin_user()
    {
        $this->print_header('Create Admin User');

        # Choose name (5 tries)
        $attempts_left = 5;
        while (true) {
            $validator = new SignUpValidator();
            $name = $this->prompt_user('Please enter your new user name');
            if ($validator->validate_signup_user($name, 'name')) {
                break;
            }

            $this->println(sprintf('invalid user name: %s', implode(', ', $validator->errors['name'])));
            $attempts_left--;
            if ($attempts_left < 1) {
                throw new NeechyInstallError('User name cannot be validated. Install failed. Please start over.');
            }
        }

        # Input email (5 tries, counted separately from the name prompt)
        $attempts_left = 5;
        while (true) {
            $validator = new SignUpValidator();
            $email = $this->prompt_user('Please enter your email');
            if ($validator->validate_signup_email($email, 'email')) {
                break;
            }

            $this->println(sprintf('invalid email address: %s', implode(', ', $validator->errors['email'])));
            $attempts_left--;
            if ($attempts_left < 1) {
                throw new NeechyInstallError('Email cannot be validated. Install failed. Please start over.');
            }
        }

        # Register user and create page
        # NOTE(review): random_hex() is called with its default length here;
        # confirm that default is long enough for a login credential.
        $generated_password = NeechySecurity::random_hex();
        $this->register_admin_user($name, $email, $generated_password);

        # Feedback. The password is written to the console in clear text, so it
        # can persist in terminal scrollback or in any captured install output;
        # that is why the operator is told to change it right after logging in.
        $summary = <<<STDOUT
An admin has been created with your user name: %s
Your random password is: %s

Please login now and change your password.
STDOUT;
        $this->println(sprintf($summary, $name, $generated_password));
    }
Example #4
 /**
  * Set a new password on a user and persist it.
  *
  * @param mixed $user     Object exposing set_password() and save().
  * @param mixed $password Password to set; when it is empty() a value from
  *                        NeechySecurity::random_hex() is used instead.
  *
  * @return mixed The clear-text password that was set. The caller has to
  *               deliver it to the user, since this method stores nothing else.
  */
 private function reset_user_password($user, $password = null)
 {
     # empty() treats null, '' and '0' alike, so each of them triggers a
     # randomly generated password.
     if (empty($password)) {
         $password = NeechySecurity::random_hex();
     }

     # NOTE(review): assumes set_password() hashes the value before save()
     # writes the record -- confirm in the user model.
     $user->set_password($password);
     $user->save();

     return $password;
 }