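/**
 * Authenticates the user from the credentials held on this object.
 *
 * Two paths are supported:
 *  - token only (login is null): the user is looked up by token_auth;
 *  - login + token: the user is looked up by login and the supplied token must
 *    equal either the stored token_auth or the value returned by
 *    SessionInitializer::getHashTokenAuth() for that login and stored token.
 *
 * When a password hash is set, token_auth is first recomputed from the login
 * and the token secret, so the password takes precedence over any token that
 * was set before.
 *
 * Secret comparisons use hash_equals() instead of `===`, so the time taken
 * does not depend on how many leading characters of a guessed token match.
 *
 * @return AuthResult SUCCESS or SUCCESS_SUPERUSER_AUTH_CODE on a match,
 *                    FAILURE otherwise.
 */
public function authenticate()
{
    if (!empty($this->md5Password)) {
        // Favor authenticating by password.
        // NOTE(review): the property name suggests an MD5-derived password hash - confirm how it is produced.
        $this->token_auth = UsersManagerAPI::getInstance()->getTokenAuth($this->login, $this->getTokenAuthSecret());
    }

    if (is_null($this->login)) {
        // Token-only authentication.
        // NOTE(review): the lookup also runs when token_auth is null or empty;
        // confirm that Model::getUserByTokenAuth() can never return a user for such a value.
        $model = new Model();
        $user = $model->getUserByTokenAuth($this->token_auth);

        if (!empty($user['login'])) {
            // !empty() keeps this branch consistent with the login branch and
            // avoids an undefined-index notice when the column is absent.
            $code = !empty($user['superuser_access'])
                ? AuthResult::SUCCESS_SUPERUSER_AUTH_CODE
                : AuthResult::SUCCESS;

            return new AuthResult($code, $user['login'], $this->token_auth);
        }
    } elseif (!empty($this->login)) {
        $model = new Model();
        $user = $model->getUser($this->login);
        $suppliedToken = $this->token_auth;

        // hash_equals() requires strings on both sides; anything else cannot
        // be a valid credential and falls through to FAILURE.
        if (!empty($user['token_auth']) && is_string($user['token_auth']) && is_string($suppliedToken)) {
            $hashedToken = SessionInitializer::getHashTokenAuth($this->login, $user['token_auth']);

            // Evaluate both comparisons unconditionally so the timing does not
            // reveal which of the two accepted forms was being tested.
            $matchesHashed = is_string($hashedToken) && hash_equals($hashedToken, $suppliedToken);
            $matchesStored = hash_equals($user['token_auth'], $suppliedToken);

            if ($matchesHashed || $matchesStored) {
                // Normalise to the stored token so later code sees the real token_auth.
                $this->setTokenAuth($user['token_auth']);
                $code = !empty($user['superuser_access'])
                    ? AuthResult::SUCCESS_SUPERUSER_AUTH_CODE
                    : AuthResult::SUCCESS;

                return new AuthResult($code, $this->login, $user['token_auth']);
            }
        }
    }

    return new AuthResult(AuthResult::FAILURE, $this->login, $this->token_auth);
}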
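/**
 * Authenticates a login against a supplied token.
 *
 * The token is accepted when it equals either the user's stored token_auth or
 * the value SessionInitializer::getHashTokenAuth() returns for that login and
 * stored token. Both checks use hash_equals() rather than `===`, so the
 * comparison time does not depend on how much of a guessed token is correct.
 *
 * @param mixed  $token Token presented by the caller; non-string values never match.
 * @param string $login Login used to look the user up.
 *
 * @return AuthResult The result of authenticationSuccess() on a match,
 *                    otherwise a FAILURE result carrying the supplied login and token.
 */
private function authenticateWithTokenOrHashToken($token, $login)
{
    $user = $this->userModel->getUser($login);

    // hash_equals() requires strings on both sides; anything else cannot be a
    // valid credential and falls through to FAILURE.
    if (!empty($user['token_auth']) && is_string($user['token_auth']) && is_string($token)) {
        $hashedToken = SessionInitializer::getHashTokenAuth($login, $user['token_auth']);

        // Evaluate both comparisons unconditionally so the timing does not
        // reveal which of the two accepted forms was being tested.
        $matchesHashed = is_string($hashedToken) && hash_equals($hashedToken, $token);
        $matchesStored = hash_equals($user['token_auth'], $token);

        if ($matchesHashed || $matchesStored) {
            return $this->authenticationSuccess($user);
        }
    }

    return new AuthResult(AuthResult::FAILURE, $login, $token);
}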
/**
 * A valid login combined with the hashed form of the user's token must authenticate.
 *
 * @group Plugins
 */
public function testAuthenticateSuccessLoginAndHashedTokenAuth()
{
    $user = $this->_setUpUser();

    // Derive the hashed token the same way the Login plugin does.
    $tokenAuth = \Piwik\Plugins\Login\SessionInitializer::getHashTokenAuth(
        $user['login'],
        $user['tokenAuth']
    );

    // valid login & hashed token auth
    $rc = $this->authenticate($user['login'], $tokenAuth);

    $this->assertUserLogin($rc);
}