/**
 * Prepares the fixture state for each test.
 *
 * Loads import.php from this directory, seeds USERS_TABLE with two accounts
 * (the login fixture and "guest") that share the same fixture password,
 * registers the read and write test rights, and clears the ACL user cache.
 */
public function setUp()
{
    parent::setUp();

    include __DIR__ . DIRECTORY_SEPARATOR . 'import.php';

    // Both fixture accounts are stored with the hashed fixture password.
    $fixtureRows = array(
        array(
            'login' => self::loginFixture,
            'email' => '*****@*****.**',
            'password' => PasswordColumn::hash(self::passwordFixture),
        ),
        array(
            'login' => 'guest',
            'email' => '*****@*****.**',
            'password' => PasswordColumn::hash(self::passwordFixture),
        ),
    );
    TestsHelper::dbFixture(USERS_TABLE, $fixtureRows);

    foreach (array(self::testReadRight, self::testWriteRight) as $right) {
        ACL::create($right, '');
    }

    try {
        SimpleCache::clear(ACLUser::CacheKey);
    } catch (\Exception $ignored) {
        // Best-effort: a failure to clear the cache is deliberately not
        // allowed to abort the fixture setup.
    }
}
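/**
 * Changes the password of the user bound to the current session.
 *
 * Reads the `old_password` and `password` request parameters, checks the old
 * password against the value stored on the session user, then stores the new
 * password, persists the user and sends a notification e-mail.
 *
 * @return array `array('status' => true)` on success
 *
 * @throws \ForbiddenException when the supplied old password does not match
 */
protected function action()
{
    $oldPassword = $this->getParam('old_password');
    $suppliedHash = (string) PasswordColumn::hash($oldPassword);
    $password = $this->getParam('password');

    $storedHash = (string) $this->userSession->password->getValue();

    // Loose `!=` on two hash strings is unsafe: PHP compares numeric-looking
    // strings (e.g. "0e1234..." vs "0e5678...") as numbers, so two different
    // hashes can be treated as equal. hash_equals() compares byte-for-byte and
    // in constant time, which also avoids leaking match length through timing.
    if (!hash_equals($storedHash, $suppliedHash)) {
        throw new \ForbiddenException('Wrong password');
    }

    // NOTE(review): the raw value is handed to setValue(), while the check
    // above expects getValue() to return a hash; this presumably relies on the
    // column hashing on write. Confirm against PasswordColumn.
    $this->userSession->password->setValue($password);
    $this->userSession->update();

    // NOTE(review): the new password is passed in cleartext to the mail
    // helper. If the helper places it in the message body, the credential ends
    // up in mailboxes and mail logs; confirm, and prefer a notification that
    // does not carry the password.
    $this->sendNotificationEmail($password);

    return array('status' => true);
}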
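/**
 * Verifies a login attempt against the user's stored password hash.
 *
 * On a mismatch the current session is unset and the attempt is rejected;
 * on a match the user's access time is updated via time_access->onLogin().
 *
 * @param object $user     user record; this method reads its password, login
 *                         and time_access members
 * @param string $password password supplied with the login attempt
 *
 * @return bool always true when the method returns normally
 *
 * @throws \ForbiddenException when the password does not match
 */
protected static function isAuthPassed($user, $password)
{
    $storedHash = (string) $user->password->getValue();
    $suppliedHash = (string) PasswordColumn::hash($password);

    // Loose `==` lets PHP compare numeric-looking hash strings ("0e...") as
    // numbers, so distinct hashes could authenticate. hash_equals() performs a
    // strict, constant-time comparison instead.
    $authPassed = hash_equals($storedHash, $suppliedHash);

    if (!$authPassed) {
        // clean up session
        self::unsetSession();
        $error = sprintf('Password incorrect. Login attempt into user account "%s" ', $user->login);
        throw new \ForbiddenException($error);
    }

    $user->time_access->onLogin();

    return $authPassed;
}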