/**
 * Changes a user's password after re-checking the current one.
 *
 * The account is resolved through getUserOrCurrentUser($login). The old
 * password carried by the command is verified against the stored hash and
 * nonce before the new password is handed to the user manipulator.
 *
 * NOTE(review): this method performs no authorization check of its own on
 * $login. Confirm that getUserOrCurrentUser() or the callers restrict who
 * may target another account.
 * NOTE(review): nothing here invalidates existing sessions or outstanding
 * reset tokens after the change. Confirm whether that is handled elsewhere.
 *
 * @param UpdatePasswordCommand $command Carries the old and the new password.
 * @param mixed                 $login   Optional login, passed unchanged to getUserOrCurrentUser().
 *
 * @throws AccountException When the supplied old password does not match.
 */
public function updatePassword(UpdatePasswordCommand $command, $login = null)
{
    $account = $this->getUserOrCurrentUser($login);

    // Argument order: stored hash, candidate plaintext, per-user nonce.
    $oldPasswordMatches = $this->passwordEncoder->isPasswordValid(
        $account->getPassword(),
        $command->getOldPassword(),
        $account->getNonce()
    );

    // Refuse the change unless the caller proved knowledge of the current password.
    if ($oldPasswordMatches) {
        $this->userManipulator->setPassword($account, $command->getPassword());

        return;
    }

    throw new AccountException('Invalid password provided');
}
/**
 * Sets a new password for the user bound to a password-reset token.
 *
 * The token is looked up with findValidToken(). A missing token, or one
 * whose type is not TokenManipulator::TYPE_PASSWORD, aborts with a 401.
 * Otherwise the password is set and the token is deleted, so it cannot be
 * presented a second time.
 *
 * NOTE(review): assumes $this->application->abort() throws. If it ever
 * returned, the code below would dereference a null token. Confirm.
 * NOTE(review): the type check uses a loose comparison. If getType() is
 * guaranteed to return the same scalar type as TYPE_PASSWORD, a strict
 * comparison would be the safer choice. Verify before changing.
 * NOTE(review): $newPassword is not validated here. Presumably the caller
 * or setPassword() enforces the password policy. Confirm.
 *
 * @param mixed $resetToken  Token value supplied by the requester.
 * @param mixed $newPassword Plaintext password to store for the token's user.
 */
public function resetPassword($resetToken, $newPassword)
{
    $token = $this->tokenRepository->findValidToken($resetToken);

    // Only a token that exists and is typed for password resets is accepted.
    $isPasswordToken = $token !== null
        && $token->getType() == TokenManipulator::TYPE_PASSWORD;

    if (!$isPasswordToken) {
        $this->application->abort(401, 'A token is required');
    }

    $this->userManipulator->setPassword($token->getUser(), $newPassword);

    // Single use: drop the token once the password has been replaced.
    $this->tokenManipulator->delete($token);
}
/**
 * {@inheritdoc}
 *
 * Authenticates a login/password pair and returns the matching user id.
 *
 * Returns null when the login is unknown, when the user is flagged as
 * special, or when the password does not verify. Accounts whose stored
 * hash is not flagged as salted are first checked with the old encoder;
 * on a match the password is stored again through the user manipulator,
 * and the regular verification then runs against the refreshed values.
 *
 * NOTE(review): the mail-lock check runs before any password verification,
 * so AccountLockedException (which carries the user id) is raised for a
 * locked account even when the password is wrong. Confirm that exposing
 * account existence and lock state this way is acceptable.
 * NOTE(review): the unknown-login and special-user paths return without
 * calling an encoder, which may make them distinguishable by response time.
 * $request is not used in this method body.
 *
 * @param mixed   $username Login to look up.
 * @param mixed   $password Candidate plaintext password.
 * @param Request $request  Current request (unused here).
 *
 * @return mixed The user id on success, null otherwise.
 *
 * @throws AccountLockedException When the account is mail-locked.
 */
public function getUsrId($username, $password, Request $request)
{
    $user = $this->repository->findRealUserByLogin($username);

    if (null === $user || $user->isSpecial()) {
        return null;
    }

    // Locked accounts are rejected before the password is looked at.
    if ($user->isMailLocked()) {
        throw new AccountLockedException('The account is locked', $user->getId());
    }

    // Legacy hash migration: verify with the old encoder and, on success,
    // store the password again. Presumably setPassword() re-hashes with the
    // current scheme and marks the account as salted. Confirm.
    $needsMigration = false === $user->isSaltedPassword();
    if ($needsMigration
        && $this->oldEncoder->isPasswordValid($user->getPassword(), $password, $user->getNonce())
    ) {
        $this->userManipulator->setPassword($user, $password);
    }

    // Hash and nonce are read again here, so a migration above is picked up.
    $verified = $this->encoder->isPasswordValid(
        $user->getPassword(),
        $password,
        $user->getNonce()
    );

    return false === $verified ? null : $user->getId();
}