/**
* Adds password validation rule for login scenario
*
* @param \DevGroup\Users\models\LoginForm $loginForm
*
* @return array
*/
protected function validatePassword(LoginForm &$loginForm)
{
return ['password', function ($attribute) use(&$loginForm) {
if ($loginForm->user === null || !PasswordHelper::validate($loginForm->password, $loginForm->user->password_hash)) {
$loginForm->addError($attribute, Yii::t('users', 'Invalid login or password'));
}
}];
}
public function changePassword()
{
/** @var User $user */
$this->trigger(self::EVENT_BEFORE_PASSWORD_CHANGE);
$user = Yii::$app->user->identity;
if ($user === null) {
throw new ServerErrorHttpException("No user identity found");
}
if (PasswordHelper::validate($this->oldPassword, $user->password_hash) !== true) {
$this->addError('oldPassword', Yii::t('users', 'Old Password not valid'));
return false;
} else {
$this->trigger(self::EVENT_PASSWORD_CHANGE);
$user->password = $this->newPassword;
return $user->changePassword();
}
return false;
}
