public function resetProcess($code, $newPassword)
{
    $this->trigger('resetprocess.pre');

    if (!$this->verifyRequestCode($code)) {
        throw new \Exception('Password reset code verify failed');
    }

    $codeItem = $this->getItem('User\\Item\\Code');
    $userId = $codeItem->user_id;

    $this->setItem(array('id' => $userId));
    $item = $this->getItem();
    $item->self(array('*'));

    $salt = $item->salt;
    $oldPassword = $item->password;

    $bcrypt = new \Zend\Crypt\Password\Bcrypt();
    $bcrypt->setSalt($salt);
    $item->password = $bcrypt->create($newPassword);
    $item->oldPassword = $oldPassword;
    $item->lastPasswordChangeTime = \Eva\Date\Date::getNow();

    $this->trigger('resetprocess');
    $item->save();

    $codeItem->clear();
    $codeItem->getDataClass()
        ->where(array('code' => $code))
        ->save(array(
            'codeStatus' => 'used',
            'used_by_id' => $userId,
            'usedTime' => \Eva\Date\Date::getNow(),
        ));

    // Using one code expires all other active reset codes for this user
    $codeItem->getDataClass()
        ->where(array(
            'codeType' => 'resetPassword',
            'codeStatus' => 'active',
            'user_id' => $userId,
        ))
        ->save(array(
            'codeStatus' => 'expired',
            'expiredTime' => \Eva\Date\Date::getNow(),
        ));

    $this->trigger('resetprocess.post');
}

public function getPassword()
{
    if (!$this->password) {
        return null;
    }

    $salt = $this->getSalt();
    $bcrypt = new \Zend\Crypt\Password\Bcrypt();
    $bcrypt->setSalt($salt);

    return $this->password = $bcrypt->create($this->password);
}

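public static function verifyPassword($password, $data)
{
    $userModel = \Eva\Api::_()->getModel('User\\Model\\User');
    $user = $userModel->getUser($data['id']);
    $salt = $user->salt;

    // Re-hash the submitted password with the user's stored salt
    $bcrypt = new \Zend\Crypt\Password\Bcrypt();
    $bcrypt->setSalt($salt);
    $verifyPassword = $bcrypt->create($password);

    // Compare in constant time rather than with ===, so the comparison
    // does not leak how many leading characters of the hash matched
    return \Zend\Crypt\Utils::compareStrings($user->password, $verifyPassword);
}
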
$container['authentication_storage'] = function ($c) {
    return new GrEduLabs\Authentication\Storage\PhpSession();
};

$container['authentication_adapter'] = function ($c) {
    return new GrEduLabs\Authentication\Adapter\RedBeanPHP(
        $c['events'],
        $c['identity_class_resolver'],
        $c['authentication_crypt']
    );
};

$container['authentication_service'] = function ($c) {
    return new Zend\Authentication\AuthenticationService(
        $c['authentication_storage'],
        $c['authentication_adapter']
    );
};

$container['identity_class_resolver'] = $container->protect(function () {
    return 'GrEduLabs\\Authentication\\Identity';
});

$container['authentication_crypt'] = function ($c) {
    $service = new Zend\Crypt\Password\Bcrypt();
    if (isset($c['settings']['authentication']['bcrypt']['salt'])) {
        $service->setSalt($c->settings['authentication']['bcrypt']['salt']);
    }
    if (isset($c['settings']['authentication']['bcrypt']['cost'])) {
        $service->setCost($c->settings['authentication']['bcrypt']['cost']);
    }

    return $service;
};

$container[GrEduLabs\Authentication\Action\User\Login::class] = function ($c) {
    return new GrEduLabs\Authentication\Action\User\Login(
        $c['view'],
        $c['authentication_service'],
        $c['flash'],
        $c['router']->pathFor('index')
    );
};

$container[GrEduLabs\Authentication\Action\User\Logout::class] = function ($c) {
    return new GrEduLabs\Authentication\Action\User\Logout(
        $c['authentication_service'],
        $c['events'],
        $c['router']->pathFor('index')
    );
};

$nav = $container['settings']->get('navigation');
$nav['authentication'] = [
    'login' => ['label' => 'Σύνδεση', 'route' => 'user.login', 'icon' => 'unlock'],
    'logout' => ['label' => 'Αποσύνδεση', 'route' => 'user.logout', 'id' => 'nav-logout', 'icon' => 'lock'],
];
$container['settings']->set('navigation', $nav);

<?php
return array(
    'doctrine' => array(
        'driver' => array(
            'MyDoctrineAuth_Entities' => array(
                'class' => 'Doctrine\\ORM\\Mapping\\Driver\\AnnotationDriver',
                'cache' => 'array',
                'paths' => array(__DIR__ . '/../src/MyDoctrineAuth/Entity'),
            ),
            'orm_default' => array(
                'drivers' => array(
                    'MyDoctrineAuth\\Entity' => 'MyDoctrineAuth_Entities',
                ),
            ),
        ),
        'authentication' => array(
            'orm_default' => array(
                'object_manager' => 'Doctrine\\ORM\\EntityManager',
                'identity_class' => 'MyDoctrineAuth\\Entity\\User',
                'identity_property' => 'email',
                'credential_property' => 'password',
                'credential_callable' => function (\MyDoctrineAuth\Entity\User $user, $passwordGiven) {
                    // using Bcrypt
                    $bcrypt = new \Zend\Crypt\Password\Bcrypt();
                    $bcrypt->setSalt('m3s3Cr3tS4lty34h');

                    // $passwordGiven is the plaintext password entered by the user
                    // $user->getPassword() is the hashed password stored in the db
                    // verify() re-hashes using the salt embedded in the stored hash
                    return $bcrypt->verify($passwordGiven, $user->getPassword());
                },
            ),
        ),
    ),
    'doctrine_factories' => array(
        'authenticationadapter' => 'MyDoctrineAuth\\Factory\\Authentication\\AdapterFactory',
    ),
    'service_manager' => array(
        'factories' => array(
            'Zend\\Authentication\\AuthenticationService' => function ($serviceManager) {
                return $serviceManager->get('doctrine.authenticationservice.orm_default');
            },
        ),
        'invokables' => array(
            'MySampleListener' => 'MyDoctrineAuth\\Event\\MySampleListener',
        ),
    ),
    'controllers' => array(
        'factories' => array(
            'MyDoctrineAuth\\Controller\\Auth' => function ($controller) {
                $authController = new \MyDoctrineAuth\Controller\AuthController(
                    $controller->getServiceLocator()->get('Zend\\Authentication\\AuthenticationService')
                );

                return $authController;
            },
        ),
    ),
    'router' => array(
        'routes' => array(
            'auth' => array(
                'type' => 'Literal',
                'options' => array(
                    'route' => '/auth',
                    'defaults' => array(
                        '__NAMESPACE__' => 'MyDoctrineAuth\\Controller',
                        'controller' => 'Auth',
                        'action' => 'index',
                    ),
                ),
                'may_terminate' => true,
                'child_routes' => array(
                    'process' => array(
                        'type' => 'Segment',
                        'options' => array(
                            'route' => '/[:action]',
                            'constraints' => array(
                                'controller' => '[a-zA-Z][a-zA-Z0-9_-]*',
                                'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
                            ),
                            'defaults' => array(),
                        ),
                    ),
                ),
            ),
            'save-user' => array(
                'type' => 'Literal',
                'options' => array(
                    'route' => '/auth/save-user',
                    'defaults' => array(
                        '__NAMESPACE__' => 'MyDoctrineAuth\\Controller',
                        'controller' => 'Auth',
                        'action' => 'saveUser',
                    ),
                ),
                'may_terminate' => true,
                'child_routes' => array(
                    'process' => array(
                        'type' => 'Segment',
                        'options' => array(
                            'route' => '/[:action]',
                            'constraints' => array(
                                'controller' => '[a-zA-Z][a-zA-Z0-9_-]*',
                                'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
                            ),
                            'defaults' => array(),
                        ),
                    ),
                ),
            ),
            'login' => array(
                'type' => 'Literal',
                'options' => array(
                    'route' => '/login',
                    'defaults' => array(
                        '__NAMESPACE__' => 'MyDoctrineAuth\\Controller',
                        'controller' => 'Auth',
                        'action' => 'login',
                    ),
                ),
                'may_terminate' => true,
                'child_routes' => array(
                    'process' => array(
                        'type' => 'Segment',
                        'options' => array(
                            'route' => '/[:action]',
                            'constraints' => array(
                                'controller' => '[a-zA-Z][a-zA-Z0-9_-]*',
                                'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
                            ),
                            'defaults' => array(),
                        ),
                    ),
                ),
            ),
        ),
    ),
    'view_manager' => array(
        'template_path_stack' => array(
            'auth' => __DIR__ . '/../view',
        ),
    ),
);

public function saveUserAction()
{
    $em = $this->getEntityManager();
    $request = $this->getRequest();
    // print_r($request->getPost());

    $user = new User();
    $user->setEmail($request->getPost('email'));

    // The hard-coded salt is shared by every user, so identical passwords
    // produce identical hashes
    $bcrypt = new \Zend\Crypt\Password\Bcrypt();
    $bcrypt->setSalt('m3s3Cr3tS4lty34h');
    $user->setPassword($bcrypt->create($request->getPost('password')));
    $user->setIsActive(1);
    $user->setUsersalt($bcrypt->create($user->getEmail()));

    $em->persist($user);
    $em->flush();

    return new JsonModel(array(array('user' => $user)));
}

public function loginByPassword($loginIdentity, $password)
{
    $identityType = 'userName';
    if (is_numeric($loginIdentity)) {
        $identityType = 'mobile';
    } else {
        $validator = new \Zend\Validator\EmailAddress();
        if ($validator->isValid($loginIdentity)) {
            $identityType = 'email';
        }
    }

    switch ($identityType) {
        case 'email':
            $dbWhere = array('email' => $loginIdentity);
            $identityColumn = 'email';
            break;
        case 'mobile':
            $dbWhere = array('mobile' => $loginIdentity);
            $identityColumn = 'mobile';
            break;
        default:
            $dbWhere = array('userName' => $loginIdentity);
            $identityColumn = 'userName';
    }

    $auth = Auth::factory();
    $user = $this->getItem()->getDataClass()
        ->columns(array('id', 'salt', 'userName'))
        ->where($dbWhere)
        ->find('one');

    if (!$user || !$user['id']) {
        return $this->loginResult = new Result(
            Result::FAILURE_IDENTITY_NOT_FOUND,
            $loginIdentity,
            array(Result::FAILURE_IDENTITY_NOT_FOUND => 'A record with the supplied identity could not be found.')
        );
    }

    if (!$user['salt']) {
        throw new \Exception(sprintf('User authention salt not found'));
    }

    $bcrypt = new \Zend\Crypt\Password\Bcrypt();
    $bcrypt->setSalt($user['salt']);
    $password = $bcrypt->create($password);

    $this->loginResult = $loginResult = $auth->getAuthService(array(
        'tableName' => 'user_users',
        'identityColumn' => $identityColumn,
        'credentialColumn' => 'password',
    ))
        ->getAdapter()
        ->setIdentity($loginIdentity)
        ->setCredential($password)
        ->authenticate();

    if ($loginResult->isValid()) {
        return $this->loginById($user['id']);
    }

    return $loginResult;
}