Esempio n. 1
 /**
  * Completes a password reset: checks the reset code, stores a new bcrypt hash
  * for the user the code belongs to, then marks that code as used and expires
  * the user's other active reset codes.
  *
  * Fires the 'resetprocess.pre', 'resetprocess' and 'resetprocess.post' events,
  * in that order, around the work.
  *
  * NOTE(review): $newPassword is hashed as given; no length or emptiness check
  * is visible here — presumably the caller validates it, confirm.
  * NOTE(review): the user row and the two code updates are saved by separate
  * calls with no transaction visible in this method. If a later save fails after
  * the password was stored, the presented code may stay active — confirm how the
  * data layer handles this.
  *
  * @param mixed $code        Reset code presented by the caller.
  * @param mixed $newPassword Plain-text replacement password.
  * @throws \Exception When verifyRequestCode() rejects the code.
  * @return void
  */
 public function resetProcess($code, $newPassword)
 {
     $this->trigger('resetprocess.pre');
     // The only gate in this method: nothing below runs for a rejected code.
     if (!$this->verifyRequestCode($code)) {
         throw new \Exception('Password reset code verify failed');
     }
     // The account to reset is taken from the code item, not from caller input.
     // NOTE(review): presumably verifyRequestCode() loaded the matching code row
     // into this item — confirm.
     $codeItem = $this->getItem('User\\Item\\Code');
     $userId = $codeItem->user_id;
     $this->setItem(array('id' => $userId));
     $item = $this->getItem();
     // NOTE(review): looks like this loads every column of the user row — confirm.
     $item->self(array('*'));
     $salt = $item->salt;
     $oldPassword = $item->password;
     // The new hash is built with the salt stored on the user row rather than a
     // fresh one. NOTE(review): a bcrypt hash already carries its salt, so the
     // separate salt column only matters to callers that re-hash and compare.
     $bcrypt = new \Zend\Crypt\Password\Bcrypt();
     $bcrypt->setSalt($salt);
     $item->password = $bcrypt->create($newPassword);
     // The previous hash is kept on the item next to the new one.
     $item->oldPassword = $oldPassword;
     $item->lastPasswordChangeTime = \Eva\Date\Date::getNow();
     // Listeners of 'resetprocess' run before the item is saved.
     $this->trigger('resetprocess');
     $item->save();
     $codeItem->clear();
     // Mark the presented code as used and record who used it and when.
     $codeItem->getDataClass()->where(array('code' => $code))->save(array('codeStatus' => 'used', 'used_by_id' => $userId, 'usedTime' => \Eva\Date\Date::getNow()));
     // Using one code expires every other active reset code of the same user,
     // so an older outstanding code cannot be replayed afterwards.
     $codeItem->getDataClass()->where(array('codeType' => 'resetPassword', 'codeStatus' => 'active', 'user_id' => $userId))->save(array('codeStatus' => 'expired', 'expiredTime' => \Eva\Date\Date::getNow()));
     $this->trigger('resetprocess.post');
 }
Esempio n. 2
 /**
  * Returns the bcrypt hash of the current password value, or null when the
  * password property is empty.
  *
  * The hash is built with the salt from getSalt() and is written back into
  * $this->password before it is returned, so the property holds the hash
  * afterwards.
  *
  * NOTE(review): because the property is overwritten, a second call would hash
  * the stored hash again — confirm callers invoke this once per plain-text value.
  *
  * @return string|null
  */
 public function getPassword()
 {
     if ($this->password) {
         $userSalt = $this->getSalt();
         $hasher = new \Zend\Crypt\Password\Bcrypt();
         $hasher->setSalt($userSalt);

         $hashed = $hasher->create($this->password);
         $this->password = $hashed;

         return $hashed;
     }

     return null;
 }
Esempio n. 3
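 /**
  * Checks a plain-text password against the bcrypt hash stored for a user.
  *
  * The check goes through Bcrypt::verify(), which reads the salt and cost from
  * the stored hash and does the comparison itself. The earlier form re-hashed
  * the input with the separately stored salt and compared the two strings with
  * ===, which stops at the first differing byte and breaks as soon as the cost
  * or salt handling changes.
  *
  * @param string $password Plain-text password to check.
  * @param array  $data     Must contain 'id', the id of the user to load.
  * @return bool True when the password matches the stored hash; false otherwise,
  *              including when no user or no stored hash is found.
  */
 public static function verifyPassword($password, $data)
 {
     $userModel = \Eva\Api::_()->getModel('User\\Model\\User');
     $user = $userModel->getUser($data['id']);

     // A missing user or an empty stored hash is an ordinary failed check,
     // not an error to surface to the caller.
     if (!$user || !$user->password) {
         return false;
     }

     $bcrypt = new \Zend\Crypt\Password\Bcrypt();

     return $bcrypt->verify($password, $user->password);
 }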
Esempio n. 4
 // Wires the authentication services into the container: identity storage,
 // the credential adapter, the Zend authentication service, the shared Bcrypt
 // instance, the login/logout actions and their navigation entries.

 // Identity storage backed by the PhpSession class.
 $container['authentication_storage'] = function ($c) {
     return new GrEduLabs\Authentication\Storage\PhpSession();
 };
 // Credential adapter; it receives the Bcrypt service defined below.
 $container['authentication_adapter'] = function ($c) {
     return new GrEduLabs\Authentication\Adapter\RedBeanPHP($c['events'], $c['identity_class_resolver'], $c['authentication_crypt']);
 };
 $container['authentication_service'] = function ($c) {
     return new Zend\Authentication\AuthenticationService($c['authentication_storage'], $c['authentication_adapter']);
 };
 // protect() stores the closure itself, so consumers get a callable that
 // returns the identity class name.
 $container['identity_class_resolver'] = $container->protect(function () {
     return 'GrEduLabs\\Authentication\\Identity';
 });
 // Bcrypt service; salt and cost are applied only when present in settings.
 // NOTE(review): a salt configured here is applied to the one Bcrypt object
 // handed to the adapter, so every hash it creates would share that salt and
 // equal passwords would give equal hashes. Leaving the setting unset lets
 // Bcrypt pick a salt per hash — confirm no deployment sets it.
 // NOTE(review): the isset() checks use array access ($c['settings']) while the
 // reads use property access ($c->settings); this relies on the container
 // exposing its entries both ways — confirm.
 $container['authentication_crypt'] = function ($c) {
     $service = new Zend\Crypt\Password\Bcrypt();
     if (isset($c['settings']['authentication']['bcrypt']['salt'])) {
         $service->setSalt($c->settings['authentication']['bcrypt']['salt']);
     }
     if (isset($c['settings']['authentication']['bcrypt']['cost'])) {
         $service->setCost($c->settings['authentication']['bcrypt']['cost']);
     }
     return $service;
 };
 // Login and logout actions; both are given the path of the 'index' route.
 $container[GrEduLabs\Authentication\Action\User\Login::class] = function ($c) {
     return new GrEduLabs\Authentication\Action\User\Login($c['view'], $c['authentication_service'], $c['flash'], $c['router']->pathFor('index'));
 };
 $container[GrEduLabs\Authentication\Action\User\Logout::class] = function ($c) {
     return new GrEduLabs\Authentication\Action\User\Logout($c['authentication_service'], $c['events'], $c['router']->pathFor('index'));
 };
 // Add the login/logout entries to the navigation settings and store them back.
 $nav = $container['settings']->get('navigation');
 $nav['authentication'] = ['login' => ['label' => 'Σύνδεση', 'route' => 'user.login', 'icon' => 'unlock'], 'logout' => ['label' => 'Αποσύνδεση', 'route' => 'user.logout', 'id' => 'nav-logout', 'icon' => 'lock']];
 $container['settings']->set('navigation', $nav);
Esempio n. 5
<?php

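// Module configuration for MyDoctrineAuth: Doctrine entity mapping, the
// Doctrine-backed authentication adapter, service and controller factories,
// the /auth, /auth/save-user and /login routes, and the view template path.
return array(
    'doctrine' => array(
        'driver' => array(
            'MyDoctrineAuth_Entities' => array(
                'class' => 'Doctrine\\ORM\\Mapping\\Driver\\AnnotationDriver',
                'cache' => 'array',
                'paths' => array(__DIR__ . '/../src/MyDoctrineAuth/Entity'),
            ),
            'orm_default' => array(
                'drivers' => array('MyDoctrineAuth\\Entity' => 'MyDoctrineAuth_Entities'),
            ),
        ),
        'authentication' => array(
            'orm_default' => array(
                'object_manager' => 'Doctrine\\ORM\\EntityManager',
                'identity_class' => 'MyDoctrineAuth\\Entity\\User',
                'identity_property' => 'email',
                'credential_property' => 'password',
                // Called by the adapter with the loaded user and the submitted
                // password; returns true when the password matches.
                'credential_callable' => function (\MyDoctrineAuth\Entity\User $user, $passwordGiven) {
                    // $passwordGiven is the plain-text password entered by the user;
                    // $user->getPassword() is the bcrypt hash stored in the database.
                    // verify() takes the salt and cost from the stored hash, so no
                    // salt is set on the Bcrypt object: the hard-coded salt that was
                    // here had no effect on verification and only left a
                    // secret-looking constant in the configuration.
                    $bcrypt = new \Zend\Crypt\Password\Bcrypt();

                    return $bcrypt->verify($passwordGiven, $user->getPassword());
                },
            ),
        ),
    ),
    'doctrine_factories' => array(
        'authenticationadapter' => 'MyDoctrineAuth\\Factory\\Authentication\\AdapterFactory',
    ),
    'service_manager' => array(
        'factories' => array(
            // Resolve the Zend service name to the Doctrine-provided service.
            'Zend\\Authentication\\AuthenticationService' => function ($serviceManager) {
                return $serviceManager->get('doctrine.authenticationservice.orm_default');
            },
        ),
        'invokables' => array(
            'MySampleListener' => 'MyDoctrineAuth\\Event\\MySampleListener',
        ),
    ),
    'controllers' => array(
        'factories' => array(
            // The auth controller receives the authentication service directly.
            'MyDoctrineAuth\\Controller\\Auth' => function ($controller) {
                return new \MyDoctrineAuth\Controller\AuthController(
                    $controller->getServiceLocator()->get('Zend\\Authentication\\AuthenticationService')
                );
            },
        ),
    ),
    'router' => array(
        'routes' => array(
            'auth' => array(
                'type' => 'Literal',
                'options' => array(
                    'route' => '/auth',
                    'defaults' => array(
                        '__NAMESPACE__' => 'MyDoctrineAuth\\Controller',
                        'controller' => 'Auth',
                        'action' => 'index',
                    ),
                ),
                'may_terminate' => true,
                'child_routes' => array(
                    'process' => array(
                        'type' => 'Segment',
                        'options' => array(
                            'route' => '/[:action]',
                            'constraints' => array(
                                'controller' => '[a-zA-Z][a-zA-Z0-9_-]*',
                                'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
                            ),
                            'defaults' => array(),
                        ),
                    ),
                ),
            ),
            'save-user' => array(
                'type' => 'Literal',
                'options' => array(
                    'route' => '/auth/save-user',
                    'defaults' => array(
                        '__NAMESPACE__' => 'MyDoctrineAuth\\Controller',
                        'controller' => 'Auth',
                        'action' => 'saveUser',
                    ),
                ),
                'may_terminate' => true,
                'child_routes' => array(
                    'process' => array(
                        'type' => 'Segment',
                        'options' => array(
                            'route' => '/[:action]',
                            'constraints' => array(
                                'controller' => '[a-zA-Z][a-zA-Z0-9_-]*',
                                'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
                            ),
                            'defaults' => array(),
                        ),
                    ),
                ),
            ),
            'login' => array(
                'type' => 'Literal',
                'options' => array(
                    'route' => '/login',
                    'defaults' => array(
                        '__NAMESPACE__' => 'MyDoctrineAuth\\Controller',
                        'controller' => 'Auth',
                        'action' => 'login',
                    ),
                ),
                'may_terminate' => true,
                'child_routes' => array(
                    'process' => array(
                        'type' => 'Segment',
                        'options' => array(
                            'route' => '/[:action]',
                            'constraints' => array(
                                'controller' => '[a-zA-Z][a-zA-Z0-9_-]*',
                                'action' => '[a-zA-Z][a-zA-Z0-9_-]*',
                            ),
                            'defaults' => array(),
                        ),
                    ),
                ),
            ),
        ),
    ),
    'view_manager' => array(
        'template_path_stack' => array('auth' => __DIR__ . '/../view'),
    ),
);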
Esempio n. 6
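 /**
  * Creates a user from the posted 'email' and 'password' fields, persists it
  * and returns it in a JSON response.
  *
  * The password is hashed by a Bcrypt instance with no salt set, so the library
  * generates a fresh salt for every hash. The earlier form set one hard-coded
  * salt for all users, which makes equal passwords produce equal hashes across
  * accounts. Bcrypt::verify() reads the salt from the stored hash, so hashes
  * created either way keep verifying.
  *
  * NOTE(review): the posted email and password are used as received; no
  * validation (format, emptiness, duplicate email) is visible in this action —
  * confirm it happens elsewhere.
  * NOTE(review): the response carries the $user entity; whether the password
  * hash ends up in the JSON depends on how the entity is serialized — confirm
  * and exclude it if so.
  *
  * @return JsonModel
  */
 public function saveUserAction()
 {
     $em = $this->getEntityManager();
     $request = $this->getRequest();

     $user = new User();
     $user->setEmail($request->getPost('email'));

     // No setSalt() here: each password gets its own random salt, which bcrypt
     // embeds in the resulting hash.
     $passwordHasher = new \Zend\Crypt\Password\Bcrypt();
     $user->setPassword($passwordHasher->create($request->getPost('password')));
     $user->setIsActive(1);

     // The usersalt value is still derived exactly as before (fixed salt over the
     // email), on a separate Bcrypt object so it cannot affect password hashing.
     // NOTE(review): the consumers of usersalt are not visible here; if nothing
     // depends on this exact value, replace it with random bytes.
     $userSaltHasher = new \Zend\Crypt\Password\Bcrypt();
     $userSaltHasher->setSalt('m3s3Cr3tS4lty34h');
     $user->setUsersalt($userSaltHasher->create($user->getEmail()));

     $em->persist($user);
     $em->flush();

     return new JsonModel(array(array('user' => $user)));
 }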
Esempio n. 7
 /**
  * Logs a user in by user name, e-mail address or mobile number plus password.
  *
  * The identity type is guessed from the value: numeric means mobile, a valid
  * e-mail address means email, anything else is treated as a user name. The
  * user's stored salt is loaded, the submitted password is hashed with it, and
  * the hash is handed to the authentication adapter as the credential. A valid
  * result is passed on to loginById(); otherwise the adapter's result is
  * returned.
  *
  * NOTE(review): an unknown identity returns FAILURE_IDENTITY_NOT_FOUND before
  * the adapter runs, while a wrong password returns the adapter's own result.
  * Callers that show these differently reveal which identities exist — confirm
  * the UI reports one generic failure.
  * NOTE(review): the credential check is an equality match on the re-hashed
  * value, presumably done by the adapter against the 'password' column; it
  * depends on the salt column and on the hashing cost never changing — confirm.
  *
  * @param mixed $loginIdentity User name, e-mail address or mobile number.
  * @param mixed $password      Plain-text password.
  * @throws \Exception When the matched user has no stored salt.
  * @return mixed The not-found or adapter Result on failure, otherwise whatever
  *               loginById() returns.
  */
 public function loginByPassword($loginIdentity, $password)
 {
     // Numeric input is a mobile number; otherwise a valid e-mail address is an
     // email and everything else is a user name.
     if (is_numeric($loginIdentity)) {
         $identityColumn = 'mobile';
     } else {
         $emailValidator = new \Zend\Validator\EmailAddress();
         $identityColumn = $emailValidator->isValid($loginIdentity) ? 'email' : 'userName';
     }
     // The lookup condition and the adapter's identity column use the same name.
     $dbWhere = array($identityColumn => $loginIdentity);

     $auth = Auth::factory();
     $user = $this->getItem()->getDataClass()->columns(array('id', 'salt', 'userName'))->where($dbWhere)->find('one');

     if (!$user || !$user['id']) {
         $messages = array(Result::FAILURE_IDENTITY_NOT_FOUND => 'A record with the supplied identity could not be found.');
         $notFound = new Result(Result::FAILURE_IDENTITY_NOT_FOUND, $loginIdentity, $messages);
         $this->loginResult = $notFound;

         return $notFound;
     }

     if (!$user['salt']) {
         throw new \Exception('User authention salt not found');
     }

     // Hash the submitted password with the user's stored salt; the adapter is
     // given this hash, not the plain text.
     $hasher = new \Zend\Crypt\Password\Bcrypt();
     $hasher->setSalt($user['salt']);
     $password = $hasher->create($password);

     $authService = $auth->getAuthService(array('tableName' => 'user_users', 'identityColumn' => $identityColumn, 'credentialColumn' => 'password'));
     $loginResult = $authService->getAdapter()->setIdentity($loginIdentity)->setCredential($password)->authenticate();
     $this->loginResult = $loginResult;

     return $loginResult->isValid() ? $this->loginById($user['id']) : $loginResult;
 }