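/**
 * Round-trips a known plaintext through Security::encrypt() and Security::decrypt().
 *
 * Covers two properties only: the ciphertext is not the plaintext, and decrypting
 * with the same key restores the plaintext. Decryption with a different key or of
 * a modified ciphertext is not exercised by this test.
 */
public function testEncrypt()
{
    $data = 'known data';
    $key = 'secret';

    $encryptedData = Security::encrypt($data, $key);
    // assertNotSame prints both values when it fails, unlike assertFalse on a boolean.
    $this->assertNotSame($data, $encryptedData);

    $decryptedData = Security::decrypt($encryptedData, $key);
    // Identity comparison, so a non-string result cannot pass through type juggling.
    $this->assertSame($data, $decryptedData);
}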
/**
 * Expects login() to succeed for a model wrapped around a mocked User whose
 * password_hash was produced by Security::generatePasswordHash('demo').
 *
 * NOTE(review): the username/password literals below are '******' while the hash
 * is built from 'demo'; they look redacted in this listing - confirm the real
 * fixture values before relying on this test.
 */
public function testLoginCorrect()
{
    $storedHash = Security::generatePasswordHash('demo');
    $model = $this->mockUser(new User(['password_hash' => $storedHash]));
    $model->username = '******';
    $model->password = '******';

    $checks = function () use ($model) {
        // A successful login returns true, leaves no 'password' error and ends guest state.
        expect('model should login user', $model->login())->true();
        expect('error message should not be set', $model->errors)->hasntKey('password');
        expect('user should be logged in', Yii::$app->user->isGuest)->false();
    };

    $this->specify('user should be able to login with correct credentials', $checks);
}
/**
 * Registers a user in the 'register' scenario and checks the stored attributes,
 * the password hash and the profile created alongside the account.
 *
 * NOTE(review): the assigned literals ('******', '*****@*****.**') do not match
 * the expected username 'tester'; they look redacted in this listing - confirm
 * the real fixture values before relying on this test.
 */
public function testRegister()
{
    $this->specify('user should be registered', function () {
        $account = new User(['scenario' => 'register']);
        $account->username = '******';
        $account->email = '*****@*****.**';
        $account->password = '******';

        verify($account->register())->true();
        verify($account->username)->equals('tester');
        verify($account->email)->equals('*****@*****.**');

        // The stored hash, not the plaintext attribute, must validate the password.
        $hashMatches = Security::validatePassword('tester', $account->password_hash);
        verify($hashMatches)->true();
    });

    $this->specify('profile should be created after registration', function () {
        $account = new User(['scenario' => 'register']);
        $account->username = '******';
        $account->email = '*****@*****.**';
        $account->password = '******';

        verify($account->register())->true();
        verify($account->profile->gravatar_email)->equals('*****@*****.**');
    });
}
// EXTENSION MOVIE

/**
 * Assigns a fresh auth_key to records that are being inserted.
 *
 * @param mixed $insert passed through unchanged to parent::beforeSave()
 * @return bool false when the parent vetoes the save, true otherwise
 */
public function beforeSave($insert)
{
    if (!parent::beforeSave($insert)) {
        return false;
    }

    // Only new records get a key; existing rows keep the one they already have.
    if ($this->isNewRecord) {
        $this->auth_key = Security::generateRandomKey();
    }

    return true;
}
/**
 * Moves headers, status code and cookies from the response that raised the event
 * into this object, then clears them on the response.
 *
 * When cookie validation is enabled on the request, each cookie value is
 * serialized and passed through Security::hashData() with the validation key
 * before it is stored in the cookie jar. Cookies with expire == 1 are stored
 * unsigned (presumably deletion markers - confirm against the framework).
 *
 * NOTE(review): the signed payload is serialize() output, so whatever reads these
 * cookies back has to verify the hash before unserializing; the reading side is
 * not visible here.
 *
 * @param object $event event whose `sender` is the response being processed
 */
public function processResponse($event)
{
    /** @var \yii\web\Response $response */
    $response = $event->sender;
    $request = Yii::$app->getRequest();

    $this->headers = $response->getHeaders()->toArray();
    $response->getHeaders()->removeAll();
    $this->statusCode = $response->getStatusCode();

    $cookies = $response->getCookies();
    // null means "do not sign": validation is off or no key is configured.
    $validationKey = $request->enableCookieValidation ? $request->getCookieValidationKey() : null;

    foreach ($cookies as $cookie) {
        /** @var \yii\web\Cookie $cookie */
        $value = $cookie->value;
        $shouldSign = $cookie->expire != 1 && $validationKey !== null;
        if ($shouldSign) {
            $value = Security::hashData(serialize($value), $validationKey);
        }

        $jarCookie = new Cookie(
            $cookie->name,
            $value,
            $cookie->expire,
            $cookie->path,
            $cookie->domain,
            $cookie->secure,
            $cookie->httpOnly
        );
        $this->getCookieJar()->set($jarCookie);
    }

    $cookies->removeAll();
}
/**
 * Builds the CSRF cookie.
 *
 * Starts from the configured [[csrfCookie]] options, then sets the cookie name
 * to [[csrfParam]] and the value to a key from Security::generateRandomKey().
 * Any 'name' or 'value' present in [[csrfCookie]] is overwritten.
 *
 * @return Cookie the generated cookie
 * @see enableCsrfValidation
 */
protected function createCsrfCookie()
{
    $cookieConfig = $this->csrfCookie;
    $cookieConfig['name'] = $this->csrfParam;
    // The token is generated per call; nothing here reuses an earlier value.
    $cookieConfig['value'] = Security::generateRandomKey();

    return new Cookie($cookieConfig);
}
/**
 * Sends the collected cookies to the client and empties the collection.
 *
 * Does nothing when no cookie collection has been created. When cookie
 * validation is enabled on the request, each value is serialized and passed
 * through Security::hashData() with the validation key before setcookie();
 * cookies with expire == 1 are sent unsigned (presumably deletion markers -
 * confirm against the framework).
 *
 * NOTE(review): the signed payload is serialize() output, so the code that reads
 * these cookies has to verify the hash before unserializing; that side is not
 * visible here.
 */
protected function sendCookies()
{
    if ($this->_cookies === null) {
        return;
    }

    $request = Yii::$app->getRequest();
    // null means "do not sign": validation is off or no key is configured.
    $validationKey = $request->enableCookieValidation ? $request->getCookieValidationKey() : null;

    foreach ($this->getCookies() as $cookie) {
        $value = $cookie->value;
        $shouldSign = $cookie->expire != 1 && $validationKey !== null;
        if ($shouldSign) {
            $value = Security::hashData(serialize($value), $validationKey);
        }

        setcookie(
            $cookie->name,
            $value,
            $cookie->expire,
            $cookie->path,
            $cookie->domain,
            $cookie->secure,
            $cookie->httpOnly
        );
    }

    $this->getCookies()->removeAll();
}
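/**
 * Generates recovery data and sends the recovery message to the user.
 *
 * Sets recovery_token to a key from Security::generateRandomKey() and
 * recovery_sent_at to the current time, saves the record without validation,
 * and only then sends the 'recovery' message to the user's email address.
 *
 * NOTE(review): the token is stored exactly as generated. Expiry based on
 * recovery_sent_at has to be enforced where the token is consumed; that code is
 * not visible here.
 *
 * @return mixed result of sendMessage(), or false when the record was not saved
 */
public function sendRecoveryMessage()
{
    $this->recovery_token = Security::generateRandomKey();
    $this->recovery_sent_at = time();

    // Never mail a token that was not persisted: the link could not be
    // verified later, and the user would be told a reset is pending when it is not.
    if (!$this->save(false)) {
        return false;
    }

    return $this->sendMessage(
        $this->email,
        \Yii::t('user', 'Please complete password reset'),
        'recovery',
        ['user' => $this]
    );
}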
/**
 * Replaces this model's auth_key with a new key from Security::generateRandomKey().
 *
 * The model is not saved here; the caller decides when to persist the new key.
 */
public function generateAuthKey()
{
    $freshKey = Security::generateRandomKey();
    $this->auth_key = $freshKey;
}
/**
 * Checks a plaintext password against a stored hash.
 *
 * Delegates to the Yii security helper, Security::validatePassword(), and
 * returns its result unchanged.
 *
 * @param string $password plaintext password supplied by the user
 * @param string $hash     stored password hash to compare against
 * @return bool result of Security::validatePassword()
 */
public static function validate($password, $hash)
{
    $matches = Security::validatePassword($password, $hash);

    return $matches;
}
/**
 * Issues a password reset token for the active user with the given email and
 * mails it using the 'passwordResetToken' view.
 *
 * NOTE(review): the token is a bare random key with no timestamp, so expiry has
 * to be tracked elsewhere - confirm where it is enforced. The false return for
 * an unknown address should not be surfaced to the requester as a distinct
 * message, or the form reveals which addresses have accounts.
 *
 * @param string $email address to look up and send the reset message to
 * @return mixed result of send(), or false when no active user matches or the save fails
 */
private function sendPasswordResetEmail($email)
{
    $user = User::find(['status' => User::STATUS_ACTIVE, 'email' => $email]);
    if (!$user) {
        return false;
    }

    $user->password_reset_token = Security::generateRandomKey();
    // The token is mailed only after it has been stored on the user record.
    if (!$user->save(false)) {
        return false;
    }

    $message = \Yii::$app->mail->compose('passwordResetToken', ['user' => $user]);
    $message = $message->setFrom([\Yii::$app->params['supportEmail'] => \Yii::$app->name . ' robot']);
    $message = $message->setTo($email);
    $message = $message->setSubject('Password reset for ' . \Yii::$app->name);

    return $message->send();
}
/**
 * Resets the password of the active user with the given phone number and sends
 * the new password by SMS.
 *
 * Sets a new password_reset_token and a password from User::generatePassword(),
 * saves without validation, then sends a Russian-language "Your new password: "
 * text followed by the password to the digits of the stored phone number.
 *
 * NOTE(review): the account password is replaced as soon as a matching phone
 * number is submitted, before any proof of ownership, and the new password is
 * delivered in clear text over SMS. A confirm-then-change flow (send a
 * short-lived code, change the password only after it is presented) avoids both.
 * NOTE(review): the result of sms_send() is not inspected; true is returned
 * whenever the save succeeded.
 *
 * @param string $phone phone number used to look up the user
 * @return bool true when the user was saved, false when not found or not saved
 */
private function sendPasswordResetEmail($phone)
{
    $user = User::find(['status' => User::STATUS_ACTIVE, 'phone' => $phone])->one();
    if (!$user) {
        return false;
    }

    $user->password_reset_token = Security::generateRandomKey();
    $user->password = User::generatePassword();
    if (!$user->save(false)) {
        return false;
    }

    // Strip everything except digits from the stored number before sending.
    $recipient = preg_replace("/[^0-9]/", '', $user->phone);
    \Yii::$app->sms->sms_send($recipient, 'Ваш новый пароль: ' . $user->password, "Kvadro");

    return true;
}
/**
 * Validates the submitted password against the loaded user's password hash.
 *
 * Adds the same 'Invalid login or password' error whether no user was found or
 * the password does not match, so the message does not reveal which one failed.
 *
 * NOTE(review): when no user was found the hash check is skipped, so the two
 * cases may still differ in response time - confirm whether that matters here.
 */
public function validatePassword()
{
    // Short-circuit keeps Security::validatePassword() from running without a user.
    $credentialsOk = $this->user !== null
        && Security::validatePassword($this->password, $this->user->password_hash);

    if (!$credentialsOk) {
        $this->addError('password', \Yii::t('user', 'Invalid login or password'));
    }
}
/**
 * @inheritdoc
 *
 * On insert, sets auth_key to a new random key and role to the module's
 * defaultRole. Whenever a non-empty password is present, stores its hash from
 * Password::hash() in password_hash. The parent hook runs last and its result
 * is returned.
 */
public function beforeSave($insert)
{
    if ($insert) {
        $this->setAttribute('auth_key', Security::generateRandomKey());
        $this->setAttribute('role', $this->module->defaultRole);
    }

    // An empty password means "leave the stored hash untouched".
    $hasNewPassword = !empty($this->password);
    if ($hasNewPassword) {
        $this->setAttribute('password_hash', Password::hash($this->password));
    }

    return parent::beforeSave($insert);
}
<?php

use yii\helpers\Security;

// Fixture template for user rows. String entries ('userName', 'email') are left
// as given; closure entries receive the row being built and return it with one
// field filled in. The password of row N is 'password_N', for test data only.
return [
    'username' => 'userName',
    'auth_key' => function ($fixture, $faker, $index) {
        $key = Security::generateRandomKey();
        $fixture['auth_key'] = $key;

        return $fixture;
    },
    'password_hash' => function ($fixture, $faker, $index) {
        $hash = Security::generatePasswordHash('password_' . $index);
        $fixture['password_hash'] = $hash;

        return $fixture;
    },
    'password_reset_token' => function ($fixture, $faker, $index) {
        // Random key, underscore, then the generation time as a Unix timestamp.
        $token = Security::generateRandomKey() . '_' . time();
        $fixture['password_reset_token'] = $token;

        return $fixture;
    },
    'created_at' => function ($fixture, $faker, $index) {
        $now = time();
        $fixture['created_at'] = $now;

        return $fixture;
    },
    'updated_at' => function ($fixture, $faker, $index) {
        $now = time();
        $fixture['updated_at'] = $now;

        return $fixture;
    },
    'email' => 'email',
];
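/**
 * Issues a password reset token for the active user with the given email and
 * sends it with PHP's mail().
 *
 * The sender name and the subject are wrapped as RFC 2047 base64 encoded-words,
 * so the application name cannot add header lines of its own.
 *
 * NOTE(review): the token is a bare random key with no timestamp, so expiry has
 * to be tracked elsewhere - confirm where it is enforced.
 *
 * @param string $email address used to look up the user
 * @return bool result of mail(), or false when no active user matches or the save fails
 */
private function sendPasswordResetEmail($email)
{
    $user = User::find(array('status' => User::STATUS_ACTIVE, 'email' => $email));
    if (!$user) {
        return false;
    }

    $user->password_reset_token = Security::generateRandomKey();
    if (!$user->save(false)) {
        return false;
    }

    $fromEmail = \Yii::$app->params['supportEmail'];
    $name = '=?UTF-8?B?' . base64_encode(\Yii::$app->name . ' robot') . '?=';
    $subject = '=?UTF-8?B?' . base64_encode('Password reset for ' . \Yii::$app->name) . '?=';
    $body = $this->renderPartial('/emails/passwordResetToken', array('user' => $user));
    $headers = "From: {$name} <{$fromEmail}>\r\n"
        . "MIME-Version: 1.0\r\n"
        . "Content-type: text/plain; charset=UTF-8";

    // Deliver to the account's own stored address. The previous code passed
    // $fromEmail as the recipient, which sent every reset token to the support
    // mailbox instead of the user.
    return mail($user->email, $subject, $body, $headers);
}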
/**
 * Generates a new password reset token and stores it on the model.
 *
 * The token is a key from Security::generateRandomKey(), an underscore, and the
 * current Unix timestamp. The model is not saved here.
 *
 * NOTE(review): the trailing timestamp presumably lets the consumer reject old
 * tokens; the expiry check itself is not visible here.
 */
public function generatePasswordResetToken()
{
    $randomPart = Security::generateRandomKey();
    $issuedAt = time();

    $this->password_reset_token = $randomPart . '_' . $issuedAt;
}
/**
 * Returns a token for a user, derived from uniqid() and keyed with the user's api_key.
 *
 * Falls back to this model's user_id when no id is given, and asks the user to
 * generate an API token first when api_key is empty.
 *
 * NOTE(review): uniqid() is derived from the current time and is not an
 * unpredictable value, and 'fnv164' is a non-cryptographic hash. If hashData()
 * computes an HMAC with that algorithm, PHP 7.2 and later reject it in
 * hash_hmac(). A cryptographically secure random value and a cryptographic hash
 * such as sha256 are the usual choice; changing either here also requires
 * changing whatever verifies these tokens.
 *
 * @param int|null $id user id, or null to use $this->user_id
 * @return mixed result of \yii\helpers\Security::hashData()
 * @throws NotFoundHttpException when no user with that id exists
 */
public function getUniqueToken($id = null)
{
    if ($id === null) {
        $id = $this->user_id;
    }

    $user = User::find((int) $id);
    if ($user == null) {
        throw new NotFoundHttpException('The requested user does not exist.');
    }

    // Loose comparison kept on purpose: it matches what the original accepted as "no key".
    if ($user->api_key == null) {
        $user->generateApiToken();
    }

    return \yii\helpers\Security::hashData(uniqid(), $user->api_key, 'fnv164');
}
/**
 * Hashes the password and assigns an auth key before the record is saved.
 *
 * The password is hashed only for new records or in the 'resetPassword'
 * scenario, and only when a non-empty password is set; in every other case the
 * stored password_hash is left as it is. New records also receive a random
 * auth_key.
 *
 * @param mixed $insert passed through unchanged to parent::beforeSave()
 * @return bool false when the parent vetoes the save, true otherwise
 */
public function beforeSave($insert)
{
    if (!parent::beforeSave($insert)) {
        return false;
    }

    $passwordMayChange = $this->isNewRecord || $this->getScenario() === 'resetPassword';
    if ($passwordMayChange && !empty($this->password)) {
        $this->password_hash = Security::generatePasswordHash($this->password);
    }

    if ($this->isNewRecord) {
        $this->auth_key = Security::generateRandomKey();
    }

    return true;
}
/**
 * Hashes the given password and stores the hash on the model.
 *
 * Only the result of Security::generatePasswordHash() is written to `pass`;
 * the plaintext is not kept by this method.
 *
 * @param string $password plaintext password to hash
 */
public function setPassword($password)
{
    $hashed = Security::generatePasswordHash($password);
    $this->pass = $hashed;
}