Esempio n. 1
 /**
  * Check a plaintext password against a stored hash.
  *
  * An empty stored hash routes the check to the legacy service, which is
  * handed the user, the password and this object's bcrypt instance.
  * Any other hash is verified with bcrypt directly.
  *
  * @param string         $password Plaintext password to check.
  * @param string         $hash     Stored hash; may be an empty string.
  * @param UserModel|null $user     Only used on the legacy path.
  *
  * @return boolean Whatever the legacy service returns when the hash is
  *                 empty; otherwise true on a bcrypt match, false if not.
  */
 public function verifyPassword($password, $hash, $user = null)
 {
     $hasStoredHash = strlen($hash) !== 0;
     if (!$hasStoredHash) {
         // NOTE(review): $user defaults to null and is forwarded unchanged;
         // confirm the legacy check rejects a missing user.
         return $this->legacyService->checkPassword($user, $password, $this->bcrypt);
     }

     return $this->bcrypt->verify($password, $hash) ? true : false;
 }
Esempio n. 2
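 /**
  * Handle the login form: check the posted e-mail/password pair and, on
  * success, store the user's details in the session.
  *
  * Every failure path uses the same flash message, so the response text
  * does not reveal whether the e-mail address belongs to an account.
  *
  * @param Request     $request
  * @param Application $app
  *
  * @return mixed Result of $app->redirect(): '/' on failure and for
  *               admins, '/project' for everyone else.
  */
 public function postLogin(Request $request, Application $app)
 {
     $data = $request->request->all();
     $email = isset($data['email']) ? $data['email'] : null;
     $password = isset($data['password']) ? $data['password'] : null;
     // Form fields can arrive as arrays (email[]=...); only plain strings
     // are valid credentials.
     if (!is_string($email) || !is_string($password)) {
         $app['session']->getFlashBag()->add('message', 'Email e/ou senha inválidos!');
         return $app->redirect('/');
     }
     $user = $app['orm.em']->getRepository('Orcamentos\\Model\\User')->findOneBy(array('email' => $email));
     // NOTE(review): the bcrypt check is skipped for unknown addresses, so
     // response time can still differ between known and unknown accounts.
     $bcrypt = new Bcrypt();
     if (!$user || !$bcrypt->verify($password, $user->getPassword())) {
         $app['session']->getFlashBag()->add('message', 'Email e/ou senha inválidos!');
         return $app->redirect('/');
     }
     // Issue a fresh session id before storing the authenticated state so
     // a session id known before login cannot be reused afterwards.
     $app['session']->migrate(true);
     $company = $user->getCompany();
     $app['session']->set('email', $email);
     $app['session']->set('isAdmin', $user->getAdmin());
     $app['session']->set('companyId', $company->getId());
     $app['session']->set('companyLogotype', $company->getLogotype());
     $app['session']->set('companyName', $company->getName());
     if ($user->getAdmin()) {
         return $app->redirect('/');
     }
     return $app->redirect('/project');
 }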
Esempio n. 3
 /**
  * Check a supplied password against the hash stored on the user.
  *
  * @param object $user          Must expose getPassword(), whose value is
  *                              used as the stored hash.
  * @param string $passwordGiven Plaintext password to check.
  *
  * @return mixed Whatever Bcrypt::verify() reports for the pair.
  */
 public static function validate($user, $passwordGiven)
 {
     $storedHash = $user->getPassword();
     $verifier = new Bcrypt();

     return $verifier->verify($passwordGiven, $storedHash);
 }
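 /**
  * Show the login form and process a submitted login.
  *
  * Unknown logins and wrong passwords produce the same error entry, so
  * the response does not reveal which logins exist.
  *
  * @return mixed Redirect to the 'application' route when the session is
  *               already marked as logged in or after a successful login;
  *               otherwise the view variables ('form', plus 'erreur'
  *               after a failed attempt).
  */
 public function indexAction()
 {
     // Missing keys simply count as "not set"; no error suppression needed.
     $logged = isset($_SESSION['user']['Logged']) ? $_SESSION['user']['Logged'] : null;
     $level = isset($_SESSION['user']['Level']) ? $_SESSION['user']['Level'] : null;
     if ($logged == 1 || $level == 1) {
         return $this->redirect()->toRoute('application');
     }
     $userContainer = new Container('user');
     $form = new AuthForm();
     $request = $this->getRequest();
     if (!$request->isPost()) {
         return array('form' => $form);
     }
     $failure = array('form' => $form, 'erreur' => 'Mauvais Login ou Mauvais Mot de passe');
     $login = $request->getPost('login');
     $password = $request->getPost('motdepasse');
     // POST fields may be arrays or absent; only strings are credentials.
     if (!is_string($login) || !is_string($password)) {
         return $failure;
     }
     $UserO = $this->getUserTable()->getVerificationAuth($login);
     $bcrypt = new Bcrypt();
     if (!$UserO || !$bcrypt->verify($password, $UserO->user_password)) {
         return $failure;
     }
     // Fresh session id before the session is marked as authenticated, so
     // an id known before login cannot be reused afterwards.
     $userContainer->getManager()->regenerateId();
     $userContainer->Nom = $UserO->user_nom;
     $userContainer->Prenom = $UserO->user_prenom;
     $userContainer->Userid = $UserO->user_id;
     $userContainer->Logged = 1;
     $userContainer->Level = $UserO->user_droit;
     return $this->redirect()->toRoute('application');
 }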
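 /**
  * Password-protected maintenance action: removes action-log entries
  * older than the posted 'hour' value.
  *
  * @return ViewModel Holds 'form' and, after a POST, a 'message' entry
  *                   ('OK' or an error text).
  */
 public function cleanerAction()
 {
     $form = new CleanerForm();
     $form->setAttribute('method', 'POST');
     $result = array();
     $request = $this->getRequest();
     if ($request->isPost()) {
         // NOTE(review): the access password is checked against a hash
         // committed in source. Anyone who can read the code can attack it
         // offline, and rotating it needs a deploy; prefer loading it from
         // configuration or a secret store.
         $hash = '$2y$10$HQORKaG/QUWk.wJGj9lPuOHLTrm11pRdSSBDP.L2JVrAkCid7W5O.';
         $pwd = $request->getPost('pwd');
         $hour = $request->getPost('hour');
         $bcrypt = new Bcrypt();
         // is_string() keeps array-valued or missing fields away from verify().
         // NOTE(review): is_numeric() also accepts negative, fractional and
         // exponent forms; tighten it if deleteOlderThan() expects whole hours.
         if (is_string($pwd) && is_numeric($hour) && $bcrypt->verify($pwd, $hash)) {
             $this->getActionLogTable()->deleteOlderThan($hour);
             $result['message'] = 'OK';
         } else {
             $result['message'] = 'Error. Passwd or Hour are not valid.';
         }
     }
     $result['form'] = $form;
     return new ViewModel($result);
 }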
Esempio n. 6
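 /**
  * Authenticate a user against the "users" table with a bcrypt check.
  *
  * On failure a code is recorded through setCode(): -5 when the account
  * status is 0, otherwise the code carried by the authentication result.
  *
  * @param string $username
  * @param string $password
  *
  * @return bool True when the credentials are valid and the account
  *              status is not 0; false otherwise.
  */
 public function authenticate($username, $password)
 {
     // The first callback argument ends up in verify()'s hash position and
     // the second in its password position, so they are named accordingly.
     // NOTE(review): confirm CallbackCheckAdapter passes the stored column
     // value first and the supplied credential second.
     $callback = function ($storedHash, $suppliedPassword) {
         $bcrypt = new Bcrypt();
         return $bcrypt->verify($suppliedPassword, $storedHash);
     };
     $authenticationService = new AuthenticationService();
     $callbackCheckAdapter = new CallbackCheckAdapter($this->dbAdapter, "users", 'username', 'password', $callback);
     $callbackCheckAdapter->setIdentity($username)->setCredential($password);
     $authenticationService->setAdapter($callbackCheckAdapter);
     $authResult = $authenticationService->authenticate();
     if (!$authResult->isValid()) {
         $this->setCode($authResult->getCode());
         return false;
     }
     // Omit the password column so the hash is not copied into the
     // authentication storage along with the rest of the row.
     $userObject = $callbackCheckAdapter->getResultRowObject(null, 'password');
     if ($userObject->status == 0) {
         // Disabled account: drop the identity instead of persisting the row.
         $authenticationService->clearIdentity();
         $this->setCode(-5);
         return false;
     }
     $authenticationService->getStorage()->write($userObject);
     return true;
 }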
Esempio n. 7
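 /**
  * Performs an authentication attempt against active, non-deleted user
  * documents whose userName matches.
  *
  * A Result is returned on every path. Each matching document is checked
  * in turn; a document only succeeds when the password verifies and its
  * instance is not flagged as deleted.
  *
  * @return \Zend\Authentication\Result
  * @throws \Exception If no document manager has been set
  */
 public function authenticate()
 {
     // Missing credentials can never match; fail before touching the database.
     if ((string) $this->_username === '' || (string) $this->_password === '') {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
     }
     if (is_null($this->_dm)) {
         throw new \Exception('Document Manager is null');
     }
     $query = $this->_dm->createQueryBuilder('MoveIn4User\\Document\\UserDocument');
     // The string cast keeps a non-scalar username from being passed into
     // the query as anything other than a literal value.
     $query->field('userName')->equals((string) $this->_username);
     $query->field('active')->equals(true);
     $query->field('deleted')->equals(false);
     $users = $query->getQuery()->execute();
     $bcrypt = new Bcrypt();
     foreach ($users as $user) {
         if ($bcrypt->verify((string) $this->_password, $user->getPassword()) && $user->getInstance()->getDeleted() === false) {
             return new Result(Result::SUCCESS, array('username' => $user->getUserName(), 'firstName' => $user->getFirstName(), 'surname' => $user->getSurname(), 'defaultLanguage' => $user->getInstance()->getDefaultLanguage(), 'id' => $user->getId()));
         }
     }
     // Same code for "no such user" and "wrong password": the result does
     // not tell the caller which of the two happened.
     return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
 }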
Esempio n. 8
 /**
  * Authenticate the identity/credential pair posted with the request.
  *
  * When the adapter is already satisfied the stored identity is reused.
  * Otherwise the identity is looked up through each configured identity
  * field in turn, the account state is checked if that option is enabled,
  * and the credential is verified with bcrypt. On success the session id
  * is regenerated and the identity is written to storage.
  *
  * @param AuthEvent $e Receives the identity, result code and messages.
  *
  * @return bool|null false on any failure; nothing is returned on success.
  */
 public function authenticate(AuthEvent $e)
 {
     if ($this->isSatisfied()) {
         $stored = $this->getStorage()->read();
         $e->setIdentity($stored['identity'])
             ->setCode(AuthenticationResult::SUCCESS)
             ->setMessages(array('Authentication successful.'));
         return;
     }

     $post = $e->getRequest()->getPost();
     $identity = $post->get('identity');
     $credential = $this->preProcessCredential($post->get('credential'));

     // Try each configured identity source until one yields a user object.
     $userObject = null;
     foreach ($this->getOptions()->getAuthIdentityFields() as $mode) {
         if (is_object($userObject)) {
             break;
         }
         if ($mode == 'username') {
             $userObject = $this->getMapper()->findByUsername($identity);
         } elseif ($mode == 'email') {
             $userObject = $this->getMapper()->findByEmail($identity);
         }
     }

     // NOTE(review): the failure codes and messages below distinguish an
     // unknown identity from a wrong credential; make sure callers do not
     // show that distinction to unauthenticated users.
     if (!$userObject) {
         $e->setCode(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND)
             ->setMessages(array('A record with the supplied identity could not be found.'));
         $this->setSatisfied(false);
         return false;
     }

     // With user states enabled, only accounts in an allowed state may log in.
     $stateRejected = $this->getOptions()->getEnableUserState()
         && !in_array($userObject->getState(), $this->getOptions()->getAllowedLoginStates());
     if ($stateRejected) {
         $e->setCode(AuthenticationResult::FAILURE_UNCATEGORIZED)
             ->setMessages(array('A record with the supplied identity is not active.'));
         $this->setSatisfied(false);
         return false;
     }

     $bcrypt = new Bcrypt();
     $bcrypt->setCost($this->getOptions()->getPasswordCost());
     $credentialMatches = $bcrypt->verify($credential, $userObject->getPassword());
     if (!$credentialMatches) {
         $e->setCode(AuthenticationResult::FAILURE_CREDENTIAL_INVALID)
             ->setMessages(array('Supplied credential is invalid.'));
         $this->setSatisfied(false);
         return false;
     }

     // New session id once the credential has been accepted.
     $sessionContainer = new SessionContainer($this->getStorage()->getNameSpace());
     $sessionContainer->getManager()->regenerateId();

     $e->setIdentity($userObject->getId());
     // Lets the stored hash be refreshed when the cost setting has changed.
     $this->updateUserPasswordHash($userObject, $credential, $bcrypt);
     $this->setSatisfied(true);

     $stored = $this->getStorage()->read();
     $stored['identity'] = $e->getIdentity();
     $this->getStorage()->write($stored);
     $e->setCode(AuthenticationResult::SUCCESS)
         ->setMessages(array('Authentication successful.'));
 }
Esempio n. 9
 /**
  * Look up the user by username and verify the password held on this object.
  *
  * The lookup result is kept in $this->user whether or not a user was found.
  *
  * @return mixed false when no user was found; otherwise the outcome of
  *               the bcrypt check against the user's stored password.
  */
 public function verifyCredentials()
 {
     $this->user = $this->gateway->findByUsername($this->username);
     if (!$this->user) {
         return false;
     }

     $hasher = new Bcrypt();

     return $hasher->verify($this->password, $this->user->password);
 }
Esempio n. 10
 /**
  * Verify the credential against the password stored for the identity.
  *
  * @return Result SUCCESS or FAILURE, carrying the identity in both cases.
  */
 public function authenticate()
 {
     $hasher = new Bcrypt();
     $credential = $this->getCredential();
     // The identity is used as the user id for the stored-password lookup.
     $storedHash = $this->userApi->getPasswordByUserId($this->getIdentity());
     $code = $hasher->verify($credential, $storedHash) ? Result::SUCCESS : Result::FAILURE;

     return new Result($code, $this->getIdentity());
 }
 /**
  * Fetch one row from the query and check this object's password against it.
  *
  * @param mixed $query Object exposing fetch(); the row is read as an
  *                     array with 'password' and 'userid' entries.
  *
  * @return mixed The row's 'userid' on a match; false when no row was
  *               fetched or the password does not verify.
  */
 private function verifyPasswordHash($query)
 {
     $row = $query->fetch();
     if (!$row) {
         return false;
     }

     $hasher = new Bcrypt();

     return $hasher->verify($this->password, $row['password']) ? $row['userid'] : false;
 }
Esempio n. 12
 /**
  * Log a user in by e-mail and password.
  *
  * @param string $email
  * @param string $password Plaintext password to verify.
  *
  * @return bool false when no user is found or the password does not
  *              verify; otherwise the result of creating the validation
  *              storage entry for the e-mail address.
  */
 public function login(string $email, string $password) : bool
 {
     $user = $this->userService->findByEmail($email);
     if (!($user instanceof UserInterface)) {
         return false;
     }

     $hasher = new Bcrypt();
     if (!$hasher->verify($password, $user->getPassword())) {
         return false;
     }

     return $this->validationStorageAdapter->create($email);
 }
 /**
  * Check a username/password pair and report the outcome as JSON.
  *
  * @param array $data Read for its 'username' and 'password' entries.
  *
  * @return JsonModel 'result' => true with 'errors' => null on success;
  *                   'result' => false with one generic error text for
  *                   both an unknown user and a wrong password.
  */
 public function create($data)
 {
     $user = $this->getUsersTable()->getByUsername($data['username']);
     $hasher = new Bcrypt();
     $authenticated = !empty($user) && $hasher->verify($data['password'], $user->password);
     if (!$authenticated) {
         return new JsonModel(array('result' => false, 'errors' => 'Invalid Username or password'));
     }

     return new JsonModel(array('result' => true, 'errors' => null));
 }
Esempio n. 14
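 /**
  * Verify a password against a stored hash using the configured method.
  *
  * @param string $password Plaintext password to check.
  * @param string $hash     Stored hash to compare against.
  *
  * @return bool True on a match; false on a mismatch or when the
  *              configured method is not one of md5, sha1 or bcrypt.
  */
 public function verify($password, $hash)
 {
     switch ($this->method) {
         case 'md5':
             // hash_equals() compares as strings in constant time; "=="
             // would treat digests such as "0e1..." and "0e2..." as equal
             // numbers.
             // NOTE(review): salted MD5/SHA-1 are fast hashes and not
             // suitable for storing passwords; migrate such accounts to bcrypt.
             return hash_equals((string) $hash, md5($this->salt . $password));
         case 'sha1':
             return hash_equals((string) $hash, sha1($this->salt . $password));
         case 'bcrypt':
             $bcrypt = new Bcrypt();
             $bcrypt->setCost(14);
             return $bcrypt->verify($password, $hash);
     }
     // Unknown method: refuse rather than return null.
     return false;
 }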
Esempio n. 15
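 /**
  * Log a user in by e-mail and password and load their menu and
  * permissions into the session.
  *
  * Only users with user_status = 1 are considered, and exactly one
  * matching row is required.
  *
  * @param string $email
  * @param string $password Plaintext password to verify.
  *
  * @return bool TRUE on success; FALSE when no single active user matches
  *              or the password does not verify.
  */
 function login($email, $password)
 {
     $CI =& get_instance();
     $sql = "SELECT user_id,user_password, role_id, employee_name, a.branch_id, branch_name \n\t     \t\tFROM (\n\t     \t\t\tSELECT user_id,user_password, role_id, employee_name, branch_id\n\t\t     \t\tFROM cx_users u \n\t\t     \t\tINNER JOIN cx_employees e ON e.employee_id = u.employee_id\n\t\t     \t\tWHERE user_email = ? AND user_status = ?\n\t     \t\t) a  \n     \t\tINNER JOIN cx_branch b ON b.branch_id = a.branch_id\n     \t\t";
     $query = $CI->db->query($sql, array($email, 1));
     if ($query->num_rows() !== 1) {
         return false;
     }
     $user = $query->row();
     $bcrypt = new Bcrypt();
     if (!$bcrypt->verify($password, $user->user_password)) {
         // Password did not match
         return FALSE;
     }
     // Update the last login time.
     // NOTE(review): the time part is written with hyphens ("H-i-s");
     // confirm that is the format the last_login column expects.
     $data = array("last_login" => date("Y-m-d H-i-s"));
     $CI->db->where('user_id', $user->user_id);
     $CI->db->update("cx_users", $data);
     // Collect menu entries and permissions for the user's role.
     $sql = "SELECT menu_name, menu_link,section_id, is_hidden, class_method FROM cx_permissions\n\t\t\t\t\tINNER JOIN cx_menus ON cx_permissions.menu_id = cx_menus.menu_id\n\t\t\t\t\tWHERE role_id = ?";
     $result = $CI->db->query($sql, array($user->role_id));
     $menu_items = array();
     // Start from an empty list so a role without permission rows stores
     // an empty array instead of an undefined variable.
     $permissions = array();
     if ($result->num_rows() > 0) {
         foreach ($result->result() as $row) {
             // Module name for the section this menu entry belongs to.
             $sql = "SELECT module_name FROM cx_sections\n\t\t\t\t\t\t\tLEFT JOIN cx_modules ON cx_modules.module_id = cx_sections.parent_module_id\n\t\t\t\t\t\t\tWHERE section_id = ?";
             $QueryResult = $CI->db->query($sql, array($row->section_id));
             // Hidden entries stay out of the navigation menu but still
             // contribute their permission below.
             if ($QueryResult->num_rows() > 0) {
                 foreach ($QueryResult->result() as $rows) {
                     if ($row->is_hidden == 0) {
                         $menu_items[$rows->module_name][] = array("menuName" => $row->menu_name, "menuLink" => $row->menu_link);
                     }
                 }
             }
             $permissions[] = trim($row->class_method);
         }
     }
     // NOTE(review): the session id is not regenerated here; confirm the
     // session library issues a new id when the user logs in.
     $CI->session->set_userdata("user_id", $user->user_id);
     $CI->session->set_userdata("role_id", $user->role_id);
     $CI->session->set_userdata("user_name", $user->employee_name);
     $CI->session->set_userdata("branch_id", $user->branch_id);
     $CI->session->set_userdata("branch_name", $user->branch_name);
     $CI->session->set_userdata("left_menus", $menu_items);
     $CI->session->set_userdata("permissions", $permissions);
     return TRUE;
 }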
Esempio n. 16
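 /**
  * Performs an authentication attempt
  *
  * Every path returns a result object, so callers that go on to call
  * methods on the return value do not receive a bare false.
  *
  * @return \Zend\Authentication\Result
  * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface
  *               If authentication cannot be performed
  */
 public function authenticate()
 {
     $identity = $this->getIdentity();
     $userObject = $this->getUserObject();
     if (!$userObject) {
         return $this->getAuthResult(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND, $identity);
     }
     $bcrypt = new Bcrypt();
     $bcrypt->setCost(14);
     if (!$bcrypt->verify($this->getCredential(), $userObject->getPassword())) {
         // Password does not match.
         // NOTE(review): confirm getAuthResult() accepts failure codes the
         // same way it accepts SUCCESS.
         return $this->getAuthResult(AuthenticationResult::FAILURE_CREDENTIAL_INVALID, $identity);
     }
     $this->updateIdentity($userObject);
     return $this->getAuthResult(AuthenticationResult::SUCCESS, $userObject->getEmail());
 }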
Esempio n. 17
 /**
  * {@inheritdoc}
  *
  * Looks up every user whose e-mail equals the identity and succeeds on
  * the first one whose stored password verifies. Both failure results
  * carry the same message text; only their codes differ.
  */
 public function authenticate()
 {
     $candidates = $this->repository->findBy(array('email' => $this->getIdentity()));
     if (empty($candidates)) {
         return new AuthenticationResult(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND, null, array('Authentication failure.'));
     }

     $hasher = new Bcrypt();
     $hasher->setCost($this->options->getBCryptCost());
     foreach ($candidates as $candidate) {
         if (!$hasher->verify($this->getCredential(), $candidate->getPassword())) {
             continue;
         }

         return new AuthenticationResult(AuthenticationResult::SUCCESS, $candidate, array('Authentication successful.'));
     }

     return new AuthenticationResult(AuthenticationResult::FAILURE_CREDENTIAL_INVALID, null, array('Authentication failure.'));
 }
Esempio n. 18
 /**
  * Authenticate by username and password, rejecting banned accounts.
  *
  * The ban check runs only after the password has verified, so the
  * 'Account Banned' result is not reachable without valid credentials.
  *
  * @return Result FAILURE_IDENTITY_NOT_FOUND, FAILURE_CREDENTIAL_INVALID,
  *                code -5 for a banned account, or SUCCESS with the user id.
  */
 public function authenticate()
 {
     /** @var \NightsWatch\Entity\User $user */
     $repository = $this->entityManager->getRepository('NightsWatch\\Entity\\User');
     $user = $repository->findOneBy(['username' => $this->username]);
     $hasher = new Bcrypt();

     // NOTE(review): the two messages below tell an unknown username apart
     // from a wrong password; avoid showing them verbatim to the visitor.
     if (is_null($user)) {
         return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, [], ['No Such User']);
     }
     if (!$hasher->verify($this->password, $user->password)) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, [], ['Invalid Password']);
     }
     if ($user->banned) {
         return new Result(-5, [], ['Account Banned']);
     }

     return new Result(Result::SUCCESS, $user->id, []);
 }
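 /**
  * Verifies if the password is correct
  *
  * For the md5 and sha1 methods the expected digest is computed over the
  * timestamp-derived salt followed by the password.
  *
  * @param string $password  Plaintext password to check.
  * @param string $hash      Stored hash to compare against.
  * @param mixed  $timestamp Passed to generateSalt() to derive the salt.
  *
  * @return boolean True on a match; false on a mismatch or when the
  *                 configured method is not one of md5, sha1 or bcrypt.
  */
 public function verify($password, $hash, $timestamp)
 {
     $salt = $this->generateSalt($timestamp);
     switch ($this->method) {
         case 'md5':
             // hash_equals() compares as strings in constant time; "=="
             // would treat digests such as "0e1..." and "0e2..." as equal
             // numbers.
             // NOTE(review): salted MD5/SHA-1 are fast hashes and not
             // suitable for storing passwords; migrate such accounts to bcrypt.
             return hash_equals((string) $hash, md5($salt . $password));
         case 'sha1':
             // Digest the salted password, mirroring the md5 branch; hashing
             // the result of a comparison would ignore the password entirely.
             return hash_equals((string) $hash, sha1($salt . $password));
         case 'bcrypt':
             $bcrypt = new Bcrypt();
             $bcrypt->setCost(14);
             // Only the password and the hash are passed to the bcrypt
             // check; the derived salt plays no part in this branch.
             return $bcrypt->verify($password, $hash);
     }
     // Unknown method: refuse rather than return null.
     return false;
 }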
Esempio n. 20
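 /**
  * Run the bcrypt check for the given username and, when it passes, hand
  * over to authenticate().
  *
  * Nothing is printed: the outcome of the check and the username are
  * never written to the response.
  *
  * @param string $username Must equal this object's username.
  * @param string $password Passed to verify() in the hash position.
  *
  * @return mixed Result of authenticate() when the check passes; null
  *               when the username differs or the check fails.
  */
 public function prepareAuthBcrypt($username, $password)
 {
     if ($this->username !== $username) {
         return null;
     }
     $bcrypt = new Bcrypt();
     // NOTE(review): verify() is called as (plaintext, hash) elsewhere, so
     // this call treats $this->password as the plaintext and $password as
     // the stored hash; confirm that is the intended direction.
     if (!$bcrypt->verify($this->password, $password)) {
         return null;
     }
     return $this->authenticate();
 }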
Esempio n. 21
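 /**
  * Execute login.
  *
  * The e-mail address is sent to the database as a bound parameter and
  * is never concatenated into the SQL text.
  *
  * @param String $email
  * @param String $password Plaintext password to verify.
  * @return User|null The user built from the matching row, or null when
  *                   no row matches or the password does not verify.
  */
 public function login($email, $password)
 {
     // Request values may be arrays or missing; only strings are credentials.
     if (!is_string($email) || !is_string($password)) {
         return null;
     }
     $adapter = $this->sm->get('Zend\\Db\\Adapter\\Adapter');
     $rows = $adapter->query('select * from users_table where email = ?', array($email))->toArray();
     // Unknown address: fail the same way as a wrong password.
     if (!isset($rows[0])) {
         return null;
     }
     $results = $rows[0];
     $bcrypt = new Bcrypt();
     if (!$bcrypt->verify($password, $results['password'])) {
         return null;
     }
     // NOTE(review): $results still contains the 'password' column; check
     // that User does not expose or persist the hash further.
     return new User($results);
 }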
Esempio n. 22
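 /**
  * Returns the contents of storage
  *
  * The user is resolved from the 'userId' cookie and accepted only when
  * the 'cs' cookie verifies as a bcrypt hash of the user's e-mail address
  * followed by the stored password value. A failed check clears storage.
  *
  * @throws \Zend\Authentication\Exception\ExceptionInterface
  *               If reading contents from storage is impossible
  * @return mixed The user on success, null otherwise.
  */
 public function read()
 {
     $userId = isset($_COOKIE['userId']) ? $_COOKIE['userId'] : null;
     $token = isset($_COOKIE['cs']) ? $_COOKIE['cs'] : null;
     // Cookies are client-controlled and can arrive as arrays
     // (userId[]=...); accept only non-empty strings.
     if (!is_string($userId) || !is_string($token) || empty($userId) || empty($token)) {
         return null;
     }
     $user = $this->getUserMapper()->getById($userId);
     if (!$user) {
         return null;
     }
     // NOTE(review): the token is derived only from values held in the
     // user record, so anyone able to read that record can compute a valid
     // cookie. bcrypt also ignores input beyond 72 bytes, so with a long
     // e-mail address part or all of the password value does not
     // contribute. A random, server-stored token would avoid both.
     $bcrypt = new Bcrypt();
     if ($bcrypt->verify($user->email . $user->password, $token)) {
         return $user;
     }
     $this->clear();
     return null;
 }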
Esempio n. 23
 /**
  * {@inheritDoc}
  *
  * Looks the user up by mobile number. The password is verified only
  * while $this->checkPassword is truthy.
  */
 public function authenticate()
 {
     // Try logging in by mobile number first.
     $repository = $this->em->getRepository('Site\\Entity\\UserEntity');
     $user = $repository->findOneBy(array('mobile' => $this->username));
     if (!$user) {
         return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, 0);
     }

     // NOTE(review): with checkPassword switched off, knowing a mobile
     // number is enough to obtain SUCCESS; make sure the flag can only be
     // cleared by trusted code paths.
     if ($this->checkPassword && !(new Bcrypt())->verify($this->password, $user->password)) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, 0);
     }

     return new Result(Result::SUCCESS, $user);
 }
 /**
  * Check the fetched identity row against the credential with bcrypt and
  * record the outcome in the result info.
  *
  * On success the row is kept in $this->resultRow.
  *
  * @param array $resultIdentity Row for the identity; its 'password'
  *                              entry is used as the stored hash.
  *
  * @return Result Built by authenticateCreateAuthResult() from the
  *                recorded code and message.
  */
 public function authenticateValidateResult($resultIdentity)
 {
     if (!$resultIdentity || !isset($resultIdentity['password'])) {
         $code = Result::FAILURE_IDENTITY_NOT_FOUND;
         $message = 'Supplied identity does not exist.';
     } elseif (!(new Bcrypt())->verify($this->credential, $resultIdentity['password'])) {
         $code = Result::FAILURE_CREDENTIAL_INVALID;
         $message = 'Supplied credential is invalid.';
     } else {
         // NOTE(review): the stored row still includes its 'password' entry.
         $this->resultRow = $resultIdentity;
         $code = Result::SUCCESS;
         $message = 'Authentication successful.';
     }

     $this->authenticateResultInfo['code'] = $code;
     $this->authenticateResultInfo['messages'][] = $message;

     return $this->authenticateCreateAuthResult();
 }
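 /**
  * Check a username/password pair and, when it is valid, let the OAuth
  * server handle the token request built from the PHP globals.
  *
  * @param array $data Read for its 'username' and 'password' entries.
  *
  * @return JsonModel The token response parameters on success; otherwise
  *                   'result' => false with an error text.
  */
 public function create($data)
 {
     $usersTable = $this->getUsersTable();
     $user = $usersTable->getByUsername($data['username']);
     $bcrypt = new Bcrypt();
     // One message for both an unknown user and a wrong password.
     if (empty($user) || !$bcrypt->verify($data['password'], $user->password)) {
         return new JsonModel(array('result' => false, 'errors' => 'Invalid Username or password'));
     }
     $storage = new Pdo($usersTable->adapter->getDriver()->getConnection()->getConnectionParameters());
     $server = new Server($storage);
     $server->addGrantType(new ClientCredentials($storage));
     $response = $server->handleTokenRequest(Request::createFromGlobals());
     if (!$response->isSuccessful()) {
         // Return the failure instead of falling through to the token
         // parameters of an unsuccessful response.
         return new JsonModel(array('result' => false, 'errors' => 'Invalid oauth'));
     }
     return new JsonModel($response->getParameters());
 }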
Esempio n. 26
 /**
  * authenticateQuerySelect() - Runs the given Zend\Db\Sql\Select object
  * against the database and keeps the rows whose credential column
  * verifies against the supplied credential with bcrypt.
  *
  * Any exception raised while executing the statement or checking the
  * rows is rethrown as a RuntimeException with the original attached.
  *
  * @param  Sql\Select $dbSelect
  * @throws \RuntimeException when an invalid select object is encountered
  * @return array Matching rows, each marked with
  *               'zend_auth_credential_match' => 1.
  */
 protected function authenticateQuerySelect(Sql\Select $dbSelect)
 {
     $sql = new Sql\Sql($this->zendDb);
     $statement = $sql->prepareStatementForSqlObject($dbSelect);
     try {
         $rows = $statement->execute();
         $resultIdentities = [];
         $hasher = new Bcrypt();
         // Plain iteration works across the different result implementations.
         foreach ($rows as $row) {
             if (!$hasher->verify($this->credential, $row[$this->credentialColumn])) {
                 continue;
             }
             $row['zend_auth_credential_match'] = 1;
             $resultIdentities[] = $row;
         }
     } catch (\Exception $e) {
         throw new \RuntimeException(
             'The supplied parameters to DbTable failed to '
             . 'produce a valid sql statement, please check table and column names '
             . 'for validity.',
             0,
             $e
         );
     }

     return $resultIdentities;
 }
Esempio n. 27
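 /**
  * Validate the login form data and log the user in.
  *
  * Missing input, an unknown e-mail address and a wrong password all end
  * in the same error message.
  *
  * @param Array  $data      Read for its 'email' and 'password' entries.
  * @param Object $loginForm Not used by this method.
  * @return mixed Redirect to the 'admin_home' route on success; null
  *               after an error message has been set.
  * */
 public function validateForm($data, $loginForm)
 {
     $email = isset($data['email']) ? $data['email'] : null;
     $password = isset($data['password']) ? $data['password'] : null;
     // Form fields may be arrays or absent; only non-empty strings count.
     if (!is_string($email) || $email === '' || !is_string($password) || $password === '') {
         $this->setErrorMessage('Invalid login credentials');
         return null;
     }
     $userTable = $this->getServiceLocator()->get('UserTable');
     $user = $userTable->getOne(array('aufri_users_email' => $email));
     $bcrypt = new Bcrypt();
     // The stored password is read only once a user is known to exist.
     if (!empty($user) && $bcrypt->verify($password, $user->getUserPassword())) {
         $this->updateSessionWithUser($user, false);
         // NOTE(review): every authenticated user is sent to 'admin_home'
         // whatever their role; confirm that route enforces its own
         // authorization.
         return $this->redirect()->toRoute('admin_home');
     }
     $this->setErrorMessage('Invalid login credentials');
     return null;
 }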
Esempio n. 28
 /**
  * Performs an authentication attempt
  *
  * The user entity is looked up by username and its stored password is
  * verified with bcrypt. On success the entity itself is the identity of
  * the returned result.
  *
  * @return \Zend\Authentication\Result
  * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface If authentication cannot be performed
  */
 public function authenticate()
 {
     $entityManager = $this->getEntityManager();
     $repository = $entityManager->getRepository($this->entityName);
     $identity = $this->getIdentity();
     $userObject = $repository->findOneBy(array('username' => $identity));
     if (!$userObject) {
         return new AuthResult(
             AuthResult::FAILURE_IDENTITY_NOT_FOUND,
             $identity,
             array('A record with the supplied identity could not be found.')
         );
     }

     $hasher = new Bcrypt();
     $hasher->setCost(14);
     $passwordMatches = $hasher->verify($this->getCredential(), $userObject->getPassword());
     if (!$passwordMatches) {
         return new AuthResult(
             AuthResult::FAILURE_CREDENTIAL_INVALID,
             $identity,
             array('Supplied credential is invalid.')
         );
     }

     // NOTE(review): the entity's name is overwritten with the adapter
     // class name and its roles are hydrated onto it; confirm both are
     // intentional and that the entity is not flushed in this state.
     $userObject->setName('IdAuth\\Adapter\\Doctrine');
     $hydrator = new DoctrineObject($entityManager, $this->entityName);
     $hydrator->hydrate($userObject->getRoles(), $userObject);

     return new AuthResult(AuthResult::SUCCESS, $userObject, array('Authentication Successful'));
 }
Esempio n. 29
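 /**
  * Performs an authentication attempt against admin user documents whose
  * emailAddress matches.
  *
  * Each matching document is checked in turn; the first one whose stored
  * password verifies yields the SUCCESS result.
  *
  * @return \Zend\Authentication\Result
  * @throws \Exception If no document manager has been set
  */
 public function authenticate()
 {
     // Missing credentials can never match; fail before touching the database.
     if ((string) $this->_username === '' || (string) $this->_password === '') {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
     }
     if (is_null($this->_dm)) {
         throw new \Exception('Document Manager is null');
     }
     $query = $this->_dm->createQueryBuilder('MoveIn4AdminUser\\Document\\AdminUserDocument');
     // The string cast keeps a non-scalar username (for example an array
     // taken from request data) from reaching the query as anything other
     // than a literal value.
     $query->field('emailAddress')->equals((string) $this->_username);
     $users = $query->getQuery()->execute();
     $crypt = new Bcrypt();
     foreach ($users as $user) {
         if ($crypt->verify((string) $this->_password, $user->getPassword())) {
             return new Result(Result::SUCCESS, array('username' => $user->getEmailAddress(), 'firstName' => $user->getFirstName(), 'surname' => $user->getSurname(), 'id' => $user->getId()));
         }
     }
     // Same code for "no such user" and "wrong password": the result does
     // not tell the caller which of the two happened.
     return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
 }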
Esempio n. 30
 /**
  * Logged user change password action
  *
  * The input is validated first, then the current password is verified
  * against the logged-in user's stored hash before the new hash is saved.
  *
  * @author Stoyan Rangelov
  * @param array $data Read for 'currentPassword' and 'password'.
  * @return boolean|array The filter's error messages when validation
  *                       fails; otherwise an array with 'status_code' 201
  *                       on success or 400 plus 'error_messages' when the
  *                       current password is wrong.
  */
 public function loggedChangePassword($data)
 {
     // Build and populate the input filter for this action.
     $inputFilter = new \User\InputFilter\User();
     $inputFilter->setInputFilter($inputFilter->loggedChangePassword());
     $filter = $inputFilter->getInputFilter();
     $filter->setData($data);
     if (!$filter->isValid()) {
         return $this->getErrorMessages($filter);
     }

     $user = $this->getLoggedUser();
     $hasher = new Bcrypt();
     // Re-authenticate with the current password before changing it.
     if (!$hasher->verify($data['currentPassword'], $user->getHash())) {
         return array(
             'status_code' => 400,
             'error_messages' => array(
                 'currentPassword' => array('invalidCurrentPassword' => '******'),
             ),
         );
     }

     $newHash = $hasher->create($data['password']);
     $entityManager = $this->getEntityManager();
     $user->setHash($newHash)->setUpdatedAt(new \DateTime());
     $entityManager->merge($user);
     $entityManager->flush();
     // NOTE(review): other sessions of this user are not invalidated here;
     // confirm whether that is handled elsewhere.

     return array('status_code' => 201);
 }