Esempio n. 1
0
 /**
  * Comprueba la clave maestra del usuario.
  *
  * @param User $User
  * @return bool
  */
 public static function checkUserMPass(User $User)
 {
     $userMPass = $User->getUserMPass(true);
     if ($userMPass === false) {
         return false;
     }
     $configHashMPass = ConfigDB::getValue('masterPwd');
     if ($configHashMPass === false || is_null($configHashMPass)) {
         return false;
     }
     // Comprobamos el hash de la clave del usuario con la guardada
     return Crypt::checkHashPass($userMPass, $configHashMPass, true);
 }
Esempio n. 2
0
 /**
  * Comprueba si la clave temporal es válida
  *
  * @param string $pass clave a comprobar
  * @return bool
  */
 public static function checkTempMasterPass($pass)
 {
     $passTime = ConfigDB::getValue('tempmaster_passtime');
     $passMaxTime = ConfigDB::getValue('tempmaster_maxtime');
     $attempts = ConfigDB::getValue('tempmaster_attempts');
     // Comprobar si el tiempo de validez se ha superado
     if ($passTime !== false && time() - $passTime > $passMaxTime || $attempts >= 5) {
         ConfigDB::setCacheConfigValue('tempmaster_pass', '');
         ConfigDB::setCacheConfigValue('tempmaster_passiv', '');
         ConfigDB::setCacheConfigValue('tempmaster_passhash', '');
         ConfigDB::writeConfig();
         return false;
     }
     Crypt::checkHashPass($pass, ConfigDB::getValue('tempmaster_passhash'));
     $isValid = Crypt::checkHashPass($pass, ConfigDB::getValue('tempmaster_passhash'));
     if (!$isValid) {
         ConfigDB::setValue('tempmaster_attempts', $attempts + 1, false);
     }
     return $isValid;
 }
Esempio n. 3
0
 /**
  * Actualizar la clave maestra del usuario en la BBDD.
  *
  * @param string $masterPwd con la clave maestra
  * @return bool
  */
 public function updateUserMPass($masterPwd)
 {
     $configHashMPass = ConfigDB::getValue('masterPwd');
     if ($configHashMPass === false) {
         return false;
     }
     if (is_null($configHashMPass)) {
         $configHashMPass = Crypt::mkHashPassword($masterPwd);
         ConfigDB::setValue('masterPwd', $configHashMPass);
     }
     if (Crypt::checkHashPass($masterPwd, $configHashMPass, true)) {
         $cryptMPass = Crypt::mkCustomMPassEncrypt(self::getCypherPass(), $masterPwd);
         if (!$cryptMPass) {
             return false;
         }
     } else {
         return false;
     }
     $query = 'UPDATE usrData SET ' . 'user_mPass = :mPass,' . 'user_mIV = :mIV,' . 'user_lastUpdateMPass = UNIX_TIMESTAMP() ' . 'WHERE user_id = :id LIMIT 1';
     $data['mPass'] = $cryptMPass[0];
     $data['mIV'] = $cryptMPass[1];
     $data['id'] = $this->_userId;
     return DB::getQuery($query, __FUNCTION__, $data);
 }