/**
 * Tests UserLoginData->resetPassword(): initial password generation, rejection of a
 * wrong/missing old password, the password history, clearing of the login
 * attempt counter and block timestamp, and the generated password hash key.
 */
public function testResetPassword()
{
    $loginData = $this->UserLoginData;

    // fresh record: no hash key yet
    $this->assertNull($loginData->getPasswordHashKey());

    // history size for this partner is 3
    $this->dummyPartner->setNumPrevPassToKeep(3);
    $this->dummyPartner->save();

    // first password is generated by resetPassword() itself
    $initial = $loginData->resetPassword();
    $this->assertTrue($loginData->isPasswordValid($initial));

    // a wrong or empty old password must not change the password
    $second = uniqid();
    $this->assertNull($loginData->resetPassword($second, uniqid()));
    $this->assertNull($loginData->resetPassword($second, null));
    $this->assertNull($loginData->resetPassword($second, ''));
    $this->assertNull($loginData->resetPassword($second, 0));

    // with the right old password the new one is returned and becomes the valid one
    $returned = $loginData->resetPassword($second, $initial);
    $this->assertEquals($second, $returned);
    $this->assertFalse($loginData->isPasswordValid($initial));
    $this->assertTrue($loginData->isPasswordValid($second));

    // dirty the attempt counter and block timestamp; a later reset is expected to clear both
    $loginData->setLoginAttempts(3);
    $loginData->setLoginBlockedUntil(time());
    $this->assertEquals(3, $loginData->getLoginAttempts());
    $this->assertNotNull($loginData->getLoginBlockedUntil());

    // password history after the third password
    $third = uniqid();
    $loginData->resetPassword($third, $returned);
    $this->assertFalse($loginData->passwordUsedBefore($initial));
    $this->assertTrue($loginData->passwordUsedBefore($second));
    $this->assertTrue($loginData->passwordUsedBefore($third));

    // two more resets push the oldest entries out of the history
    $fourth = uniqid();
    $loginData->resetPassword($fourth, $third);
    $fifth = uniqid();
    $loginData->resetPassword($fifth, $fourth);
    $this->assertFalse($loginData->passwordUsedBefore($initial));
    $this->assertFalse($loginData->passwordUsedBefore($second));
    $this->assertTrue($loginData->passwordUsedBefore($third));
    $this->assertTrue($loginData->passwordUsedBefore($fourth));
    $this->assertTrue($loginData->passwordUsedBefore($fifth));

    // the resets cleared the counter and the block, and produced a hash key
    $this->assertEquals(0, $loginData->getLoginAttempts());
    $this->assertNull($loginData->getLoginBlockedUntil());
    $this->assertNotNull($loginData->getPasswordHashKey());

    // the hash key resolves back to this login data record
    $resolved = UserLoginDataPeer::isHashKeyValid($loginData->getPasswordHashKey());
    $this->assertEquals($loginData->getId(), $resolved->getId());
}
/**
 * Authenticates $loginData with $password and returns the kuser record to log in as.
 *
 * Order of checks: missing login data; password (unless $validatePassword is false),
 * honouring the block period and the failed-attempt counter; password age against
 * getPassReplaceFreq(); partner resolution (explicit $partnerId, else the last login
 * partner); kuser lookup for that partner, with a fallback to the first valid kuser
 * only when no partner was requested explicitly.
 *
 * @param UserLoginData|null $loginData        login record; null raises LOGIN_DATA_NOT_FOUND
 * @param string             $password         clear-text password to verify
 * @param int|string|null    $partnerId        explicitly requested partner; falsy means "use last login partner"
 * @param bool               $validatePassword false skips isPasswordValid() (caller already authenticated)
 * @return object the kuser row returned by kuserPeer::getByLoginDataAndPartner() or self::findFirstValidKuser()
 * @throws kUserException with one of LOGIN_DATA_NOT_FOUND, LOGIN_BLOCKED, LOGIN_RETRIES_EXCEEDED,
 *                        WRONG_PASSWORD, PASSWORD_EXPIRED, INVALID_PARTNER, USER_IS_BLOCKED, USER_NOT_FOUND
 */
private static function userLogin(UserLoginData $loginData = null, $password, $partnerId = null, $validatePassword = true)
{
    $explicitPartnerId = $partnerId;

    if (!$loginData) {
        throw new kUserException('', kUserException::LOGIN_DATA_NOT_FOUND);
    }

    if ($validatePassword && !$loginData->isPasswordValid($password)) {
        // During an active block every failure is reported as LOGIN_BLOCKED and the counter is left untouched.
        if (time() < $loginData->getLoginBlockedUntil(null)) {
            throw new kUserException('', kUserException::LOGIN_BLOCKED);
        }

        $failuresSoFar = $loginData->getLoginAttempts();
        $limitReached = ($failuresSoFar + 1) >= $loginData->getMaxLoginAttempts();
        if ($limitReached) {
            // This failure hits the limit: open a block window and restart the counter.
            $loginData->setLoginBlockedUntil(time() + $loginData->getLoginBlockPeriod());
            $loginData->setLoginAttempts(0);
            $loginData->save();
            throw new kUserException('', kUserException::LOGIN_RETRIES_EXCEEDED);
        }

        $loginData->incLoginAttempts();
        $loginData->save();
        throw new kUserException('', kUserException::WRONG_PASSWORD);
    }

    // A correct password does not lift an active block.
    if (time() < $loginData->getLoginBlockedUntil(null)) {
        throw new kUserException('', kUserException::LOGIN_BLOCKED);
    }

    $loginData->setLoginAttempts(0);
    $loginData->save();

    // Password age check: only enforced when an update timestamp exists.
    $lastPasswordChange = $loginData->getPasswordUpdatedAt(null);
    if ($lastPasswordChange && time() > $lastPasswordChange + $loginData->getPassReplaceFreq()) {
        throw new kUserException('', kUserException::PASSWORD_EXPIRED);
    }

    if (!$partnerId) {
        $partnerId = $loginData->getLastLoginPartnerId();
    }
    if (!$partnerId) {
        throw new kUserException('', kUserException::INVALID_PARTNER);
    }

    $partnerRecord = PartnerPeer::retrieveByPK($partnerId);
    $user = kuserPeer::getByLoginDataAndPartner($loginData->getId(), $partnerId);

    // NOTE(review): status comparisons below are loose (==/!=), as in the original; confirm constant types before tightening.
    $userUsable = $user && $user->getStatus() == KuserStatus::ACTIVE;
    $partnerUsable = $partnerRecord && $partnerRecord->getStatus() == Partner::PARTNER_STATUS_ACTIVE;

    if (!($userUsable && $partnerUsable)) {
        if ($explicitPartnerId) {
            // A specific partner was asked for: report why it cannot be used instead of falling back.
            $partnerInactive = $partnerRecord && $partnerRecord->getStatus() != Partner::PARTNER_STATUS_ACTIVE;
            $userBlocked = $user && $user->getStatus() == KuserStatus::BLOCKED;
            $code = ($partnerInactive || $userBlocked)
                ? kUserException::USER_IS_BLOCKED
                : kUserException::USER_NOT_FOUND;
            throw new kUserException('', $code);
        }

        // No explicit partner: remember the status for the exception, then try the first partner the user is valid for.
        $statusBeforeFallback = $user ? $user->getStatus() : null;
        $user = self::findFirstValidKuser($loginData->getId(), $partnerId);
        if (!$user) {
            $code = ($statusBeforeFallback === KuserStatus::BLOCKED)
                ? kUserException::USER_IS_BLOCKED
                : kUserException::USER_NOT_FOUND;
            throw new kUserException('', $code);
        }
    }

    // NOTE(review): loose in_array kept on purpose; config ids may be strings while getPartnerId() may be int — confirm before adding strict.
    if ($user->getIsAdmin()
        && !in_array($user->getPartnerId(), kConf::get('no_save_of_last_login_partner_for_partner_ids'))) {
        $loginData->setLastLoginPartnerId($user->getPartnerId());
    }
    $loginData->save();

    $user->setLastLoginTime(time());
    $user->save();

    return $user;
}