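/**
 * Persists the changes carried by $user onto the stored user with the same id.
 *
 * When no new plaintext password is supplied the stored hash is kept;
 * otherwise the plaintext is hashed and then blanked on the entity so it is
 * not carried around after this call.
 *
 * @param User $user The user holding the new values
 *
 * @return User The entity loaded from the repository, after the update
 *
 * @throws EntityInvalidException    If $user is not a User
 * @throws EntityNotFoundException   If no user with the given id exists
 * @throws EntityNotUpdatedException If flushing to the database fails
 */
public function update($user)
{
    if (!$user instanceof User) {
        // get_class() only accepts objects. Fall back to gettype() so that a
        // scalar, array or null argument still yields the intended exception
        // instead of a warning or TypeError raised while building the message.
        $givenType = is_object($user) ? get_class($user) : gettype($user);

        throw new EntityInvalidException(sprintf('Required object of type "%s" but got "%s"', EntityNames::USER, $givenType));
    }

    $dbUser = $this->em->getRepository(EntityNames::USER)->find($user->getId());

    if (null === $dbUser) {
        throw new EntityNotFoundException(sprintf('Could not find user with id "%s"', $user->getId()));
    }

    $plainPassword = $user->getPlainPassword();

    if ($plainPassword === null || $plainPassword === '') {
        // user has not set a new password: carry the stored hash over
        $user->setPasswordHash($dbUser->getPasswordHash());
    } else {
        // NOTE(review): no password policy check is visible in this method;
        // confirm that callers validate the new password before calling update().
        $user->setPasswordHash(PasswordHandler::hash($plainPassword));
        // drop the plaintext as soon as the hash exists
        $user->setPlainPassword('');
    }

    if ($user->getUserGroup() instanceof UserGroup) {
        // Swap the submitted group for the entity loaded from the repository.
        // NOTE(review): find() may return null for an unknown id, which would
        // be passed to setUserGroup() unchecked; confirm that is intended.
        $user->setUserGroup($this->em->getRepository(EntityNames::USER_GROUP)->find($user->getUserGroup()->getId()));
    }

    $dbUser->update($user);

    try {
        $this->em->flush();
    } catch (DBALException $dbalex) {
        $this->log->error($dbalex);

        // NOTE(review): the driver message travels on in the exception;
        // confirm callers do not echo it to clients.
        throw new EntityNotUpdatedException($dbalex->getMessage());
    }

    return $dbUser;
}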
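/**
 * Completes a pending registration: validates the submitted password, stores
 * its hash on the user, unlocks the user, marks the email as validated and
 * removes the registration entry so the token cannot be used again.
 *
 * @param string $token Token identifying the pending registration
 */
public function completeRegistrationAction($token)
{
    $em = $this->app->entityManager;
    $registrationRepository = $em->getRepository(EntityNames::REGISTRATION);
    $origRegistration = $registrationRepository->findOneBy(array('token' => $token));
    $submittedPass = $this->app->request->post('password');

    // NOTE(review): no expiry check on the registration is visible here;
    // confirm that token lifetime is enforced elsewhere.
    if (!$origRegistration instanceof Registration) {
        $this->app->flashNow('registration.error', 'Token not found');
        $this->app->render('registration-form.html.twig', array('token' => $token, 'user' => null));

        return;
    }

    try {
        PasswordValidator::validatePassword($submittedPass);
    } catch (PasswordInvalidException $pie) {
        $this->app->flashNow('registration.error', 'Password must be at least 8 characters long');
        $this->app->render('registration-form.html.twig', array('token' => $token, 'user' => $origRegistration->getUser()));

        return;
    }

    $passwordHash = PasswordHandler::hash($submittedPass);

    $user = $origRegistration->getUser();
    $user->setIsLocked(false);
    $user->setHasEmailValidated(true);
    $user->setPasswordHash($passwordHash);

    // the token is single use: delete the registration together with the update
    $em->remove($origRegistration);

    // force update
    try {
        $em->flush();
    } catch (DBALException $dbalex) {
        $now = new DateTime();
        $this->app->log->error(sprintf('[%s]: %s', $now->format('d-m-Y H:i:s'), $dbalex->getMessage()));

        // The driver message stays in the log only. This endpoint is reached
        // before login, and database error text can name tables, columns or
        // constraints, so the client gets a generic message instead.
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::CONFLICT, 'Could not complete registration');

        return;
    }

    $this->app->redirect('/login');
}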
/**
 * Builds the administrator account from configuration values and hands it to
 * the registration handler.
 *
 * Keys read from $config: "username", "password" and "email".
 *
 * @param array $config The array holding the above keys
 */
protected function createAdminUser(array $config)
{
    $groupRepository = $this->app->entityManager->getRepository(EntityNames::USER_GROUP);
    // NOTE(review): the lookup result is used unchecked; if no group named
    // "Admin" exists, null is passed to setUserGroup() below. Confirm the
    // group is always created before this method runs.
    $adminGroup = $groupRepository->findOneBy(array('name' => 'Admin'));
    $createdAt = new DateTime();

    $admin = new User();

    // personal names are left blank for the admin account
    $admin->setFirstName('');
    $admin->setLastName('');

    $admin->setUserName($config['username']);
    // Only the hash of the configured password is stored on the entity.
    // NOTE(review): a missing or empty "password" entry is not rejected here;
    // confirm that the caller validates $config.
    $admin->setPasswordHash(PasswordHandler::hash($config['password']));
    $admin->setEmail($config['email']);

    $admin->setIsLocked(false);
    $admin->setUserGroup($adminGroup);

    // registration and last login share the same timestamp
    $admin->setRegistrationDate($createdAt);
    $admin->setLastLoginDate($createdAt);
    $admin->setHasEmailValidated(false);

    $this->app->registrationHandler->registerUser($admin);
}
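/**
 * Checks whether a user with the given credentials exists.
 *
 * The lock state is evaluated only after the password matched, so a caller
 * that does not know the password cannot learn whether an account is locked.
 *
 * @param string $userName The username
 * @param string $password The plaintext password to verify
 *
 * @return \rmatil\cms\Entities\User The found user, on success
 *
 * @throws \rmatil\cms\Exceptions\UserNotFoundException     If the user does not exist
 * @throws \rmatil\cms\Exceptions\WrongCredentialsException If the credentials do not match
 * @throws \rmatil\cms\Exceptions\UserLockedException       If the user is locked
 */
public function authenticateUser($userName, $password)
{
    $user = $this->em->getRepository(EntityNames::USER)->findOneBy(array('userName' => $userName));

    if (!$user instanceof User) {
        // NOTE(review): unknown user and wrong password raise different
        // exceptions, and no hash is computed on this path. Confirm the caller
        // shows one uniform login error so usernames cannot be told apart.
        throw new UserNotFoundException(sprintf('User with username "%s" could not be found', $userName));
    }

    // Fail closed: only an explicit true counts as a match. Comparing against
    // false would let any other result (null, 0, ...) through as a success.
    if (true !== PasswordHandler::isEqual($password, $user->getPasswordHash())) {
        throw new WrongCredentialsException('Password does not match');
    }

    // Treat any truthy flag as locked (for example an integer 1 read from the
    // database), so a non-boolean value cannot bypass the lock.
    if ($user->getIsLocked()) {
        throw new UserLockedException(sprintf('User with username "%s" is locked', $userName));
    }

    return $user;
}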