public function testGetOldPassword()
{
$returnData = ['password1', 'password2'];
$this->resourceMock->expects($this->atLeastOnce())->method('getConnection')->willReturn($this->dbAdapterMock);
$this->dbAdapterMock->expects($this->atLeastOnce())->method('select')->willReturn($this->selectMock);
$this->selectMock->expects($this->atLeastOnce())->method('from')->willReturn($this->selectMock);
$this->selectMock->expects($this->atLeastOnce())->method('order')->willReturn($this->selectMock);
$this->selectMock->expects($this->atLeastOnce())->method('where')->willReturn($this->selectMock);
$this->dbAdapterMock->expects($this->atLeastOnce())->method('fetchCol')->willReturn($returnData);
$this->assertEquals($returnData, $this->model->getOldPasswords($this->userMock));
}
/**
* Harden admin password change.
*
* New password must be minimum 7 chars length and include alphanumeric characters
* The password is compared to at least last 4 previous passwords to prevent setting them again
*
* @param EventObserver $observer
* @return void
* @throws \Magento\Framework\Exception\LocalizedException
*/
public function execute(EventObserver $observer)
{
/* @var $user \Magento\User\Model\User */
$user = $observer->getEvent()->getObject();
if ($user->getNewPassword()) {
$password = $user->getNewPassword();
} else {
$password = $user->getPassword();
}
if ($password && !$user->getForceNewPassword() && $user->getId()) {
if ($this->encryptor->isValidHash($password, $user->getOrigData('password'))) {
throw new \Magento\Framework\Exception\LocalizedException(__('Sorry, but this password has already been used. Please create another.'));
}
// check whether password was used before
$passwordHash = $this->encryptor->getHash($password, false);
foreach ($this->userResource->getOldPasswords($user) as $oldPasswordHash) {
if ($passwordHash === $oldPasswordHash) {
throw new \Magento\Framework\Exception\LocalizedException(__('Sorry, but this password has already been used. Please create another.'));
}
}
}
}
