public function test_genMD5Salt()
{
$salt = USVN_Crypt::_genMD5Salt();
$this->assertEquals(12, strlen($salt));
$this->assertEquals(substr($salt, 0, 3), '$1$');
$this->assertEquals($salt[11], '$');
}
public function setUp()
{
parent::setUp();
USVN_Translation::initTranslation("en_US", "app/locale");
$data = array("users_id" => 2, "users_login" => 'testlogin', "users_password" => USVN_Crypt::crypt('testpassword'), "users_is_admin" => false);
$this->db->insert("usvn_users", $data);
}
/**
* Check if a clear password match encrypt password
*
* @param string
* @param string
* @return bool
*/
public static function checkPassword($clear, $encrypt)
{
if (substr($encrypt, 0, 6) == '$apr1$') {
if (USVN_Crypt::_cryptApr1MD5($clear, $encrypt) == $encrypt) {
return true;
}
return false;
}
if (crypt($clear, $encrypt) == $encrypt) {
return true;
}
return false;
}
public function setUp()
{
parent::setUp();
$this->userTable = new USVN_Db_Table_Users();
$this->user = $this->userTable->fetchNew();
$this->user->users_login = '******';
$this->user->users_password = USVN_Crypt::crypt("test");
$this->userid = $this->user->save();
$this->groups = new USVN_Db_Table_Groups();
$group = $this->groups->insert(array("groups_id" => 42, "groups_name" => "test", "groups_description" => "test"));
$this->groups->insert(array("groups_id" => 43, "groups_name" => "test2", "groups_description" => "test2"));
$this->groups->insert(array("groups_id" => 44, "groups_name" => "test3", "groups_description" => "test3"));
}
protected function getUserData($data)
{
if (!isset($data['users_lastname']) || !isset($data['users_firstname']) || !isset($data['users_email']) || !isset($data['users_password']) || !isset($data['users_new_password']) || !isset($data['users_new_password_copy'])) {
return array();
}
$user = $this->getUser();
if (!USVN_Crypt::checkPassword($data['users_password'], $user->password)) {
throw new USVN_Exception(T_("Wrong password"));
}
if (!empty($data['users_new_password']) && !empty($data['users_new_password_copy'])) {
if ($data['users_new_password'] !== $data['users_new_password_copy']) {
throw new USVN_Exception(T_('Not the same password.'));
}
$data['users_password'] = $data['users_new_password'];
}
$user = array('users_lastname' => $data['users_lastname'], 'users_firstname' => $data['users_firstname'], 'users_email' => $data['users_email'], 'users_password' => $data['users_password']);
return $user;
}
/**
* Performs an authentication attempt
*
* @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
* @return Zend_Auth_Result
*/
public function authenticate()
{
$result = array();
$result['isValid'] = false;
$result['identity'] = array();
$result['identity']['username'] = $this->_login;
$result['messages'] = array();
$table = new USVN_Db_Table_Users();
$user = $table->fetchRow(array('users_login = ?' => $this->_login));
if ($user === NULL) {
$result['messages'][] = sprintf(T_('Login %s not found'), $this->_login);
return new Zend_Auth_Result($result['isValid'], $result['identity'], $result['messages']);
}
if (!USVN_Crypt::checkPassword($this->_password, $user->password)) {
$result['messages'][] = T_('Incorrect password');
return new Zend_Auth_Result($result['isValid'], $result['identity'], $result['messages']);
}
$result['isValid'] = true;
return new Zend_Auth_Result($result['isValid'], $result['identity'], $result['messages']);
}
/**
* Crypt user password if changed
* Check login if changed
*
* @return void
* @throws USVN_Exception, Zend_Exception
*/
protected function _update()
{
$this->checkEmailAddress($this->_data['users_email']);
if ($this->_data['users_login'] != $this->_cleanData['users_login']) {
$user = $this->getTable()->fetchRow(array("users_login = ?" => $this->_data['users_login']));
if ($user !== null) {
throw new USVN_Exception(sprintf(T_("Login %s already exist."), $user->login));
}
$this->checkLogin($this->_data['users_login']);
}
if ($this->_data['users_password'] != $this->_cleanData['users_password']) {
$this->checkPassword($this->_data['users_password']);
$this->_data['users_password'] = USVN_Crypt::crypt($this->_data['users_password']);
}
}
/**
* Create and save a user
*
* @return USVN_Db_Table_Row_User
*/
protected function createUser($login, $password = "******")
{
$table = new USVN_Db_Table_Users();
try {
$user = $table->insert(array("users_login" => $login, "users_password" => USVN_Crypt::crypt($password), 'users_firstname' => 'firstname', 'users_lastname' => 'lastname', 'users_email' => '*****@*****.**'));
$user = $table->find($user)->current();
return $user;
} catch (Exception $e) {
$this->fail($login . " : " . $e->getMessage());
}
}
public function testUserUpdateInvalidPassword()
{
$table = new USVN_Db_Table_Users();
$obj = $table->fetchNew();
$obj->setFromArray(array('users_login' => 'UpdateInvalidPassword', 'users_password' => 'password', 'users_firstname' => 'firstname', 'users_lastname' => 'lastname', 'users_email' => '*****@*****.**'));
$id = $obj->save();
$obj = $table->find($id)->current();
$obj->setFromArray(array('users_login' => 'UpdateInvalidPassword', 'users_password' => 'badPass', 'users_firstname' => 'firstname', 'users_lastname' => 'lastname', 'users_email' => '*****@*****.**'));
try {
$obj->save();
} catch (USVN_Exception $e) {
$this->assertContains('Password incorrect', $e->getMessage());
return;
}
$user = $table->fetchRow(array('users_login = ?' => 'UpdateInvalidPassword'));
$this->assertTrue(USVN_Crypt::checkPassword('password', $user->password));
}
