/**
  * Upgrade customer password hash when customer has logged in
  *
  * @param \Magento\Framework\Event\Observer $observer
  * @return void
  */
 public function execute(\Magento\Framework\Event\Observer $observer)
 {
     // The event payload carries the plaintext password the customer just supplied. It is needed
     // here to compute a replacement hash and must not be logged or stored in any other form.
     $plainPassword = $observer->getEvent()->getData('password');
     /** @var \Magento\Customer\Model\Customer $authenticatedModel */
     $authenticatedModel = $observer->getEvent()->getData('model');
     $customerData = $this->customerRepository->getById($authenticatedModel->getId());
     $secureData = $this->customerRegistry->retrieveSecureData($authenticatedModel->getId());
     $storedHash = $secureData->getPasswordHash();
     if ($this->encryptor->validateHashVersion($storedHash, true)) {
         // The encryptor accepted the stored hash's version, so there is nothing to upgrade.
         return;
     }
     // NOTE(review): the `true` flags are passed through as in the caller's contract; presumably
     // they request a salted hash — confirm against the encryptor implementation.
     $secureData->setPasswordHash($this->encryptor->getHash($plainPassword, true));
     // The new hash lives on the registry's secure-data object, not on $customerData; presumably
     // the repository picks it up from the registry while saving — verify.
     $this->customerRepository->save($customerData);
 }
 /**
  * {@inheritdoc}
  */
 public function authenticate($username, $password)
 {
     // Resolve the account according to the configured login mode, then verify the password and
     // the e-mail confirmation state before announcing the login through events.
     try {
         $loginMode = $this->advancedLoginConfigProvider->getLoginMode();
         // Compared loosely (==), the way a switch statement matches its cases.
         if ($loginMode == LoginMode::LOGIN_TYPE_ONLY_ATTRIBUTE) {
             $customer = $this->loginViaCustomerAttributeOnly($username);
         } elseif ($loginMode == LoginMode::LOGIN_TYPE_BOTH) {
             $customer = $this->loginViaCustomerAttributeOrEmail($username);
         } else {
             $customer = $this->loginViaEmailOnly($username);
         }
     } catch (NoSuchEntityException $e) {
         // Unknown login name: answer with the same generic message as a wrong password so the
         // response does not reveal whether the account exists.
         throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
     }
     // NOTE(review): this check runs after the account lookup and before the hash comparison. If
     // checkPasswordStrength() throws for weak input (its body is not visible here), its error
     // would differ from the generic one above and could confirm that the login name exists.
     $this->checkPasswordStrength($password);
     $storedHash = $this->customerRegistry->retrieveSecureData($customer->getId())->getPasswordHash();
     $passwordMatches = $this->encryptor->validateHash($password, $storedHash);
     if (!$passwordMatches) {
         // NOTE(review): no failed-attempt counter or lock check is visible on this path; confirm
         // that throttling is enforced elsewhere.
         throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
     }
     // The confirmation error is only reachable with a correct password, so it does not disclose
     // account state to a caller who does not know the password.
     if ($customer->getConfirmation() && $this->isConfirmationRequired($customer)) {
         throw new EmailNotConfirmedException(__('This account is not confirmed.'));
     }
     $customerModel = $this->customerFactory->create()->updateData($customer);
     // The plaintext password travels in this event's payload; observers must not log or store it.
     $this->eventManager->dispatch(
         'customer_customer_authenticated',
         ['model' => $customerModel, 'password' => $password]
     );
     $this->eventManager->dispatch('customer_data_object_login', ['customer' => $customer]);
     return $customer;
 }
 /**
  * Create an object with data merged from Customer and CustomerSecure
  *
  * @param CustomerInterface $customer
  * @return \Magento\Customer\Model\Data\CustomerSecure
  */
 private function getFullCustomerObject($customer)
 {
     // Start from the registry's secure-data object and layer the public customer fields on top.
     // Custom attributes and nested objects are deliberately left unflattened, because the result
     // is only consumed by email templates and event payloads.
     // NOTE(review): the returned object keeps whatever the secure record holds (presumably the
     // password hash and reset token — confirm), so every template and observer that receives it
     // can read those values. The data is also merged into the object the registry returned;
     // verify whether the registry hands out a shared cached instance.
     $fullCustomer = $this->customerRegistry->retrieveSecureData($customer->getId());
     $publicFields = $this->dataProcessor->buildOutputDataArray(
         $customer,
         \Magento\Customer\Api\Data\CustomerInterface::class
     );
     $fullCustomer->addData($publicFields);
     $displayName = $this->customerViewHelper->getCustomerName($customer);
     $fullCustomer->setData('name', $displayName);
     return $fullCustomer;
 }
 /**
  * Validate that password is correct and customer is not locked
  *
  * @param \Magento\Customer\Api\Data\CustomerInterface $customer
  * @param string $password
  * @return $this
  * @throws InvalidEmailOrPasswordException
  */
 public function validatePasswordAndLockStatus(\Magento\Customer\Api\Data\CustomerInterface $customer, $password)
 {
     $secureData = $this->customerRegistry->retrieveSecureData($customer->getId());
     $storedHash = $secureData->getPasswordHash();
     if ($this->encryptor->validateHash($password, $storedHash)) {
         // NOTE(review): the lock status is not consulted when the password is correct; only the
         // failure path below calls checkIfLocked().
         return $this;
     }
     // NOTE(review): the rejected plaintext password is handed to every observer of this event.
     // A mistyped password is often close to the real one, so observers must not log or store it.
     $this->_eventManager->dispatch(
         'customer_password_invalid',
         ['username' => $customer->getEmail(), 'password' => $password]
     );
     // Runs after the failure event has been dispatched; presumably throws when the account is
     // locked (its body is not visible here), otherwise the mismatch error below is raised.
     $this->checkIfLocked($customer);
     throw new InvalidEmailOrPasswordException(__('The password doesn\'t match this account.'));
 }
 /**
  * {@inheritdoc}
  */
 public function authenticate($customerId, $password)
 {
     // Check the supplied password against the stored hash; on a mismatch record the failure and
     // report either a locked account or a generic credential error.
     $storedHash = $this->customerRegistry->retrieveSecureData($customerId)->getPasswordHash();
     if ($this->encryptor->validateHash($password, $storedHash)) {
         // NOTE(review): isLocked() is never consulted on this path, so a correct password
         // succeeds even while the account is locked unless the caller checks the lock first.
         return true;
     }
     // Record the failure before reading the lock state, so that the attempt that trips the
     // lock is itself reported as locked (assuming processAuthenticationFailure() sets the lock).
     $this->processAuthenticationFailure($customerId);
     if ($this->isLocked($customerId)) {
         throw new UserLockedException(__('The account is locked.'));
     }
     throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
 }
 /**
  * {@inheritdoc}
  * @SuppressWarnings(PHPMD.CyclomaticComplexity)
  * @SuppressWarnings(PHPMD.NPathComplexity)
  */
 public function save(\Magento\Customer\Api\Data\CustomerInterface $customer, $passwordHash = null)
 {
     // Persists the customer data object together with its addresses and returns the freshly
     // reloaded customer. $passwordHash is only honoured for a customer without an id (see below).
     $this->validate($customer);
     $prevCustomerData = null;
     if ($customer->getId()) {
         // Existing customer: keep the stored state for the image processor and the e-mail
         // change check further down.
         $prevCustomerData = $this->getById($customer->getId());
     }
     $customer = $this->imageProcessor->save($customer, CustomerMetadataInterface::ENTITY_TYPE_CUSTOMER, $prevCustomerData);
     // Addresses are detached while the customer is converted to an array and restored right
     // after, so the model is created without them; they are saved separately below.
     $origAddresses = $customer->getAddresses();
     $customer->setAddresses([]);
     $customerData = $this->extensibleDataObjectConverter->toNestedArray($customer, [], '\\Magento\\Customer\\Api\\Data\\CustomerInterface');
     $customer->setAddresses($origAddresses);
     $customerModel = $this->customerFactory->create(['data' => $customerData]);
     $storeId = $customerModel->getStoreId();
     if ($storeId === null) {
         // No store on the incoming data: fall back to the store returned by the store manager.
         $customerModel->setStoreId($this->storeManager->getStore()->getId());
     }
     $customerModel->setId($customer->getId());
     // Need to use attribute set or future updates can cause data loss
     if (!$customerModel->getAttributeSetId()) {
         $customerModel->setAttributeSetId(\Magento\Customer\Api\CustomerMetadataInterface::ATTRIBUTE_SET_ID_CUSTOMER);
     }
     // Populate model with secure data
     if ($customer->getId()) {
         // For an existing customer the hash and reset token always come from the registry's
         // secure record; the $passwordHash argument is ignored on this branch, so this method
         // cannot be used to overwrite an existing password by passing a hash.
         $customerSecure = $this->customerRegistry->retrieveSecureData($customer->getId());
         $customerModel->setRpToken($customerSecure->getRpToken());
         $customerModel->setRpTokenCreatedAt($customerSecure->getRpTokenCreatedAt());
         $customerModel->setPasswordHash($customerSecure->getPasswordHash());
     } else {
         // New customer: the hash is set only when a non-empty one was supplied.
         // NOTE(review): the value is stored as given; presumably the caller has already hashed
         // it — confirm that no caller passes a plaintext password here.
         if ($passwordHash) {
             $customerModel->setPasswordHash($passwordHash);
         }
     }
     // If customer email was changed, reset RpToken info
     // (presumably so a reset token issued for the previous address stops being usable — confirm)
     if ($prevCustomerData && $prevCustomerData->getEmail() !== $customerModel->getEmail()) {
         $customerModel->setRpToken(null);
         $customerModel->setRpTokenCreatedAt(null);
     }
     $this->customerResourceModel->save($customerModel);
     // Push the saved model into the registry after the resource-model save.
     $this->customerRegistry->push($customerModel);
     $customerId = $customerModel->getId();
     // A null address list skips address handling entirely; a non-null list is treated as the
     // complete set, so stored addresses missing from it are deleted.
     if ($customer->getAddresses() !== null) {
         if ($customer->getId()) {
             $existingAddresses = $this->getById($customer->getId())->getAddresses();
             $getIdFunc = function ($address) {
                 return $address->getId();
             };
             $existingAddressIds = array_map($getIdFunc, $existingAddresses);
         } else {
             $existingAddressIds = [];
         }
         $savedAddressIds = [];
         foreach ($customer->getAddresses() as $address) {
             // Every submitted address is bound to the id of the customer that was just saved.
             // NOTE(review): no check is visible here that an address id supplied by the caller
             // already belongs to this customer — confirm the address repository enforces it.
             $address->setCustomerId($customerId)->setRegion($address->getRegion());
             $this->addressRepository->save($address);
             if ($address->getId()) {
                 $savedAddressIds[] = $address->getId();
             }
         }
         // Stored addresses that were not part of this save are removed.
         $addressIdsToDelete = array_diff($existingAddressIds, $savedAddressIds);
         foreach ($addressIdsToDelete as $addressId) {
             $this->addressRepository->deleteById($addressId);
         }
     }
     // Reload by e-mail and website so the returned object and the event payload reflect what
     // was stored.
     $savedCustomer = $this->get($customer->getEmail(), $customer->getWebsiteId());
     $this->eventManager->dispatch('customer_save_after_data_object', ['customer_data_object' => $savedCustomer, 'orig_customer_data_object' => $customer]);
     return $savedCustomer;
 }
 /**
  * Reset Authentication data for customer.
  *
  * @param int $customerId
  * @return $this
  */
 public function saveAuth($customerId)
 {
     // Copies the failure counter and lock timestamps currently held in the registry's secure
     // record into the customer_entity row; the values are written as they are, not cleared here.
     $secureData = $this->customerRegistry->retrieveSecureData($customerId);
     $adapter = $this->customerResourceModel->getConnection();
     $entityTable = $this->customerResourceModel->getTable('customer_entity');
     $lockoutColumns = [
         'failures_num' => $secureData->getData('failures_num'),
         'first_failure' => $secureData->getData('first_failure'),
         'lock_expires' => $secureData->getData('lock_expires'),
     ];
     // quoteInto() quotes the id into the placeholder rather than concatenating it raw into the
     // WHERE fragment.
     $whereClause = $this->customerResourceModel->getConnection()->quoteInto('entity_id = ?', $customerId);
     $adapter->update($entityTable, $lockoutColumns, $whereClause);
     return $this;
 }