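/**
 * Handle the account settings form: optional password change plus
 * first/last name updates, then redirect back to /account.
 *
 * Expected POST fields: password_new, password_new_confirm, password_old,
 * firstname, lastname. A name field equal to '-' is treated as "unchanged"
 * (the original used the same sentinel; presumably the form defaults to it).
 *
 * Security note: the original flashed an error for a too-short or
 * mismatched new password but then fell through and still saved it once
 * the old password verified. Validation failures now abort the password
 * change before anything is written.
 *
 * @auth-groups users
 */
public function saveAction()
{
    $newPassword = $_POST['password_new'] ?? '';

    if ($newPassword !== '') {
        $confirmation = $_POST['password_new_confirm'] ?? '';
        $oldPassword  = $_POST['password_old'] ?? '';
        $valid        = true;

        // v::length(6) is a minimum of 6 (inclusive), so the message says "at least".
        try {
            v::length(6)->check($newPassword);
        } catch (ValidationException $e) {
            $this->flasher->error('Please make sure new password is at least 6 characters!');
            $valid = false;
        }

        // Strict comparison: no type juggling on the two submitted strings.
        if ($newPassword !== $confirmation) {
            $this->flasher->error('New password fields were not identical!');
            $valid = false;
        }

        if ($valid) {
            // Re-authenticate with the current password before allowing a change.
            $authenticated = Gatekeeper::authenticate([
                'username' => $this->user->username,
                'password' => $oldPassword,
            ]);

            if (!$authenticated) {
                $this->flasher->error('Invalid password. Changes ignored.');
            } else {
                // NOTE(review): this assigns the plaintext to the model; it relies on
                // the user model hashing on save (not visible here) — confirm.
                $this->user->password = $newPassword;
                $this->user->save();
                $this->flasher->success('Password updated!');
            }
        }
    }

    $this->applyNameChange(
        'firstName',
        $_POST['firstname'] ?? '-',
        'First name changed.',
        'Name contains invalid characters. '
    );
    $this->applyNameChange(
        'lastName',
        $_POST['lastname'] ?? '-',
        'Last name changed.',
        'Last name contains invalid characters. '
    );

    $this->redirect('/account');
}

/**
 * Validate and persist a single name property on the current user.
 *
 * @param string $property     User model property to set ('firstName' or 'lastName')
 * @param string $value        Submitted value; '-' means "leave unchanged"
 * @param string $successMsg   Flash message on success
 * @param string $errorPrefix  Flash message prefix on validation failure
 * @return void
 */
private function applyNameChange($property, $value, $successMsg, $errorPrefix)
{
    if ($value === '-') {
        return;
    }

    try {
        // Letters, digits and spaces only — same rule as before.
        v::alnum(' ')->check($value);
        $this->user->{$property} = $value;
        $this->user->save();
        $this->flasher->success($successMsg);
    } catch (ValidationException $e) {
        $this->flasher->error($errorPrefix . $e->getMainMessage());
    }
}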
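/**
 * Authenticate a user given the username/password credentials.
 *
 * Order of checks: load the user by username, reject inactive accounts,
 * evaluate any configured restrictions (including the throttle when enabled),
 * then verify the password hash.
 *
 * Fix relative to the previous version: post-login bookkeeping
 * (throttle reset, last-login update, remember-me) was only run when
 * throttling was enabled, so with throttling off the $remember flag was
 * silently ignored and last login never updated. It now runs on every
 * successful verification; the throttle reset alone stays conditional.
 *
 * @param array   $credentials Credential information (must include "username" and "password")
 * @param boolean $remember    Flag to activate the "remember me" functionality
 * @return boolean Pass/fail of authentication
 * @throws Exception\UserInactiveException     when the account is inactive
 * @throws Exception\RestrictionFailedException when any restriction evaluates to false
 */
public static function authenticate(array $credentials, $remember = false)
{
    $username = $credentials['username'] ?? '';

    $user = new UserModel(self::$datasource);
    $user->findByUsername($username);

    self::getLogger()->info('Authenticating user.', array('username' => $username));

    // Inactive accounts are rejected before any password work is done.
    if ($user->status === UserModel::STATUS_INACTIVE) {
        self::getLogger()->error('User is inactive and cannot login.', array('username' => $username));
        throw new Exception\UserInactiveException('User "' . $username . '" is inactive and cannot log in.');
    }

    // When throttling is on, register the default throttle restriction for this user.
    $throttle = null;
    if (self::$throttleStatus === true) {
        $throttle = new \Psecio\Gatekeeper\Restrict\Throttle(array('userId' => $user->id));
        self::$restrictions[] = $throttle;
    }

    // Every registered restriction must pass; the first failure aborts.
    foreach (self::$restrictions as $restriction) {
        if ($restriction->evaluate() === false) {
            self::getLogger()->error('Restriction failed.', array('restriction' => get_class($restriction)));
            throw new Exception\RestrictionFailedException('Restriction ' . get_class($restriction) . ' failed.');
        }
    }

    // Verify the password. The stored hash is cast to string so an unknown
    // username (no hash loaded) fails verification instead of passing null
    // to password_verify (deprecated in PHP 8.1).
    // NOTE(review): an unknown user still short-circuits before this point in
    // terms of work done, so response timing may differ from a wrong password.
    $result = password_verify((string) ($credentials['password'] ?? ''), (string) $user->password);

    if ($result === true) {
        self::getLogger()->info('User login verified.', array('username' => $username));

        // Successful login clears the throttle state, if throttling is enabled.
        if ($throttle !== null) {
            $throttle->model->allow();
        }

        $user->updateLastLogin();

        if ($remember === true) {
            self::getLogger()->info('Activating remember me.', array('username' => $username));
            self::rememberMe($user);
        }
    }

    return $result;
}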