/**
 * Resolve the user and the unlocked private key named by the Authorization header.
 *
 * The header value is read as "email:code", optionally prefixed with "Basic ".
 * The code part goes through Crypt::decrypt() and the result is used as the
 * passphrase that unlocks the user's stored RSA private key.
 *
 * NOTE(review): the value after "Basic " is split on ':' as-is; it is not
 * base64-decoded the way RFC 7617 Basic credentials are. Confirm clients send
 * exactly this format.
 * NOTE(review): an unknown email returns null while a bad code throws, and the
 * thrown message is the underlying exception's text. If callers turn these into
 * different responses, a client can tell "no such user" from "wrong code" and can
 * read decrypt/unlock error details. Consider a single generic failure towards
 * the client and logging the cause server-side.
 *
 * @param Request $request request carrying the Authorization header
 * @return array|null ['user' => ..., 'key' => ...], or null when no user has that email
 * @throws InvalidAuthException when the header is missing or malformed, or when
 *                              anything in the key loading/decrypt/unlock step throws
 */
public function extractKeyAndUser(Request $request)
{
    $header = $request->header('Authorization');
    if (!$header) {
        throw new InvalidAuthException('No Authorization header provided.');
    }

    // Cut off the scheme word. The space that remains in front of the email is
    // removed by trim() further down.
    $credentials = strpos($header, 'Basic ') === 0 ? substr($header, 5) : $header;

    $pieces = explode(':', $credentials);
    if (count($pieces) != 2) {
        throw new InvalidAuthException('Invalid Authorization header provided. It has to be user:code');
    }
    list($email, $code) = $pieces;

    $user = User::where('email', trim($email))->first();
    if (!$user) {
        return null;
    }

    try {
        $privateKey = new PrivateKey($user->rsaKey->private);
        $passphrase = Crypt::decrypt(trim($code));
        $privateKey->unlock($passphrase);

        return ['user' => $user, 'key' => $privateKey];
    } catch (\Exception $failure) {
        // Every failure in this step is re-thrown as an auth error with the
        // original message attached.
        throw new InvalidAuthException($failure->getMessage());
    }
}
/**
 * Execute the console command.
 *
 * Three passes: every user must have an RSA key, every entry must have at least
 * one user in its access list, and then the selected entries are handed to
 * EntryCrypt. A failed check throws before any entry is encrypted.
 *
 * @return mixed
 * @throws \RuntimeException when a user has no RSA key or an entry has no access list
 */
public function handle()
{
    // Pass 1: every user needs a key pair before anything is encrypted.
    foreach (User::all() as $account) {
        if ($account->rsaKey) {
            continue;
        }
        throw new \RuntimeException('user ' . $account->email . ' has no RSA key. Create it using key:generate:users');
    }

    // A missing backup key is only reported, it does not stop the run.
    $backupKeyPath = config('app.backup_key');
    if (!$this->filesystem->exists($backupKeyPath)) {
        $this->warn('Backup key does not exist. We recommend that you create one using key:generate:master');
    }

    // Pass 2: refuse to continue if some entry would end up readable by nobody.
    $entries = Entry::all();
    foreach ($entries as $candidate) {
        $recipients = $this->accessDecider->getUserListForEntry($candidate);
        if ($recipients->count() == 0) {
            throw new \RuntimeException('Entry #' . $candidate->id . ' has no access. Share it.');
        }
    }

    // Pass 3: encrypt.
    // NOTE(review): only entries whose password compares equal to '' are
    // processed; entries with a non-empty password are skipped. If this command
    // is meant to encrypt stored plaintext passwords, the condition looks
    // inverted - confirm the intent.
    foreach ($entries as $candidate) {
        if ($candidate->password == '') {
            echo $candidate->id . '... ';
            $this->entryCrypt->encrypt($candidate->password, $candidate);
            echo ' encrypted!' . "\n";
        }
    }
}
/**
 * Create a user, generate and store an RSA key pair for it, and fire UserCreated.
 *
 * NOTE(review): the same password is passed to Hash::make() for login and to
 * KeyPairGenerator::generate() - presumably as the private-key passphrase;
 * confirm. If so, every later password change has to re-lock the private key too.
 * NOTE(review): the user row and the key row are written separately and no
 * transaction is visible here, so a failure during key generation or key save
 * leaves a user without a key.
 *
 * @return User the newly created user
 */
public function handle()
{
    $attributes = [
        'email' => $this->email,
        'password' => Hash::make($this->password),
        'group' => $this->group,
        'name' => $this->name,
        'surname' => $this->surname,
    ];
    $user = User::create($attributes);

    $pair = KeyPairGenerator::generate($this->password);

    $rsaKey = new RsaKey();
    $rsaKey->user_id = $user->id;
    $rsaKey->public = $pair['public'];
    $rsaKey->private = $pair['private'];
    $rsaKey->save();

    event(new UserCreated($user));

    return $user;
}
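/**
 * Execute the console command.
 *
 * For the user given by the `email` argument, walks every key share that user
 * holds, opens the entry data with the master key read from `keyPath`, and
 * passes the recovered data back to the entry encrypter.
 *
 * NOTE(review): the master key is unlocked with md5() of the typed secret. That
 * has to stay in step with however the key was locked, but a single unsalted
 * MD5 adds no real stretching; the strength rests on the secret itself.
 * NOTE(review): firstOrFail() aborts on the first entry without a master share,
 * after earlier entries have already been re-encrypted.
 *
 * @return mixed
 * @throws \RuntimeException when no user has the given email
 */
public function handle()
{
    $email = $this->argument('email');
    $user = User::where('email', $email)->first();
    if (!$user) {
        // Without this check the command died on a null dereference at $user->id.
        throw new \RuntimeException('user ' . $email . ' not found.');
    }

    $key = new PrivateKey($this->fs->get($this->argument('keyPath')));
    // secret() prompts without echoing, so the master secret does not end up on
    // screen or in terminal scrollback as it did with ask().
    $key->unlock(md5($this->secret('What is the master key secret?')));

    $shares = KeyShare::where('user_id', $user->id)->with('entry')->get();
    foreach ($shares as $share) {
        // The share with no user_id is used as the master share of the entry.
        $masterShare = $share->entry->keyShares()->whereNull('user_id')->firstOrFail();
        $data = $this->sealer->unseal($share->entry->data, $masterShare->public, $key);
        $this->crypt->encrypt($data, $share->entry);
    }
}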
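/**
 * Run the database seeds.
 *
 * Creates the initial admin user, a starter project and the admin's RSA key
 * pair, unless a user with id 1 already exists.
 *
 * NOTE(review): the seeded account is admin/admin and the key pair is generated
 * with the same 'admin' passphrase. Both are publicly known defaults; the
 * password (and with it the key passphrase) should be changed before the
 * instance is reachable by anyone else.
 * NOTE(review): Eloquent::unguard() is not reverted in this method.
 *
 * @return void
 */
public function run()
{
    Eloquent::unguard();

    if (User::find(1)) {
        echo "DB Already Seeded...\n";

        return;
    }

    $admin = User::create([
        'email' => 'admin',
        'password' => Hash::make('admin'),
        'name' => 'Main',
        'surname' => 'Admin',
        'group' => User::GROUP_ADMIN,
    ]);

    // Use the id the database actually assigned instead of a literal 1, so the
    // project and the key always belong to the user created above.
    Project::create([
        'name' => 'Project 1',
        'description' => 'Default starter project',
        'user_id' => $admin->id,
    ]);

    $keys = KeyPairGenerator::generate('admin');
    $key = new RsaKey();
    $key->private = $keys['private'];
    $key->public = $keys['public'];
    $key->user_id = $admin->id;
    $key->save();

    echo "DB Seeded...\n";
}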
/**
 * Give each listed user a new password and a new RSA key pair generated with it.
 *
 * Any existing key of the user is deleted first. The new password is printed
 * next to the email, tab-separated, one user per line.
 *
 * NOTE(review): the printed passwords are live credentials and presumably also
 * the private-key passphrases; the command output needs the same handling as
 * any other secret (no shared logs, no CI output).
 * NOTE(review): the password is md5() of Crypt::encrypt(email), so it is only
 * as unpredictable as the encrypter's output - confirm that it uses a random IV.
 * Calling a CSPRNG directly would make the intent explicit.
 * NOTE(review): deleting the old key presumably makes data sealed to the old
 * public key unreadable for this user - confirm before running on live data.
 *
 * @param $users rows exposing at least ->id and ->email
 */
private function generateKeys($users)
{
    foreach ($users as $row) {
        $plainPassword = md5(Crypt::encrypt($row->email));
        $generated = KeyPairGenerator::generate($plainPassword);

        $account = User::find($row->id);

        $rsaKey = new RsaKey();
        $rsaKey->private = $generated['private'];
        $rsaKey->public = $generated['public'];

        // Replace an existing key rather than adding a second one.
        $hasKey = $account->rsaKey()->count();
        if ($hasKey) {
            $account->rsaKey()->delete();
        }
        $account->rsaKey()->save($rsaKey);

        $account->password = Hash::make($plainPassword);
        $account->save();

        echo $account->email . "\t" . $plainPassword . "\n";
    }
}
/**
 * Run the migrations.
 *
 * Rebuilds the user.group column as a 20-character string: adds `type`, copies
 * each user's group into it, drops `group`, then renames `type` to `group`.
 * Only 'admin' is carried over; every other existing value becomes 'member'.
 *
 * NOTE(review): the copy uses a loose == against 'admin'. If the old column
 * could hold integers, 0 == 'admin' is true before PHP 8 and such rows would
 * be migrated to admin - confirm the old column type.
 * NOTE(review): rows where isset($user->group) is false are left with whatever
 * value the new column received when it was added.
 *
 * @return void
 */
public function up()
{
    // Step 1: temporary column that will receive the mapped value.
    Schema::table('user', function ($blueprint) {
        $blueprint->string('type', 20);
    });

    // Step 2: map the old value onto the two supported groups.
    foreach (User::all() as $account) {
        if (!isset($account->group)) {
            continue;
        }

        if ($account->group == 'admin') {
            $account->type = 'admin';
        } else {
            $account->type = 'member';
        }
        $account->save();
    }

    // Steps 3 and 4 stay separate schema calls, in this order.
    Schema::table('user', function ($blueprint) {
        $blueprint->dropColumn('group');
    });

    Schema::table('user', function ($blueprint) {
        $blueprint->renameColumn('type', 'group');
    });
}
/**
 * Apply this command's values to an existing user and save the result.
 *
 * Email, name and surname are always overwritten. The group is changed only
 * when one was supplied, and the password only when it is not null.
 *
 * NOTE(review): only the login hash is replaced on a password change; the
 * user's RSA private key is not touched in this method. If that key is locked
 * with the user's password, it stays locked with the old one - confirm how
 * the key is meant to follow such a change.
 * NOTE(review): both history entries are written before save(), so the log can
 * record a change that then fails to persist.
 * NOTE(review): no authorization check is visible here; presumably the caller
 * enforces who may edit which user.
 *
 * @param UserRepository $userRepo used for the last-admin check
 * @param HistoryLogger $logger receives the 'user' history entries
 * @return User the updated user
 * @throws HttpResponseException (JSON, status 419) when isBecomingNonAdmin() and
 *                               isLastAdmin() are both true for this user
 */
public function handle(UserRepository $userRepo, HistoryLogger $logger)
{
    $user = User::findOrFail($this->id);

    $user->email = $this->email;
    $user->name = $this->name;
    $user->surname = $this->surname;

    if ($this->group) {
        $losesLastAdmin = $this->isBecomingNonAdmin($user) && $userRepo->isLastAdmin($user);
        if ($losesLastAdmin) {
            throw new HttpResponseException(new JsonResponse('You cannot change this user group.', 419));
        }
        $user->group = $this->group;
    }

    $logger->log('user', 'Updated user details.', $user->id);

    if ($this->password !== null) {
        $logger->log('user', 'Changed user password.', $user->id);
        $user->password = Hash::make($this->password);
    }

    $user->save();

    return $user;
}
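/**
 * Change the current user's password and re-lock their RSA private key with it.
 *
 * Reads `old`, `new` and `repeat` from the request input. Every rejection is a
 * 419 response with a short message; on success nothing is returned.
 *
 * NOTE(review): unlock() receives md5($oldPassword) while lock() receives the
 * new password unhashed. Confirm that lock() applies the same derivation,
 * otherwise the next password change cannot unlock the key.
 * NOTE(review): every RuntimeException raised in the try block, not only a
 * failed unlock, is reported as an incorrect old password.
 * NOTE(review): the key and the user are saved separately and no transaction
 * is visible here; a failure between the two saves leaves the key locked with
 * the new password while the login hash is still the old one.
 *
 * @param HistoryLogger $logger receives the 'auth' history entry
 * @return Response|null a 419 response on failure, nothing on success
 */
public function store(HistoryLogger $logger)
{
    $oldPassword = Input::get('old');
    $newPassword = Input::get('new');

    if (!Hash::check($oldPassword, Auth::user()->password)) {
        return Response::make('Old password does not match.', 419);
    }

    // A missing, empty or non-string `new` used to pass the comparison below
    // whenever `repeat` had the same shape, leaving the account and the private
    // key protected by an empty passphrase.
    if (!is_string($newPassword) || $newPassword === '') {
        return Response::make('New password must not be empty.', 419);
    }

    // Strict comparison: with != two different numeric-looking strings such as
    // '1e3' and '1000' compare equal.
    if ($newPassword !== Input::get('repeat')) {
        return Response::make('New passwords do not match.', 419);
    }

    try {
        $model = User::findOrFail(Auth::user()->id);
        $model->password = Hash::make($newPassword);

        // Re-lock the private key so it follows the login password.
        $rsa = $model->rsaKey;
        $rsa->private = (new PrivateKey($rsa->private))
            ->unlock(md5($oldPassword))
            ->lock($newPassword)
            ->getKey();
        $rsa->save();

        $model->save();
        $logger->log('auth', 'User changed password.', Auth::user()->id);
    } catch (\RuntimeException $e) {
        return Response::make('Incorrect old password for private key.', 419);
    }
}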
/**
 * List every user.
 *
 * NOTE(review): the whole collection is returned as-is. What reaches the client
 * depends on the User model's hidden/visible attributes and on the route's
 * access control, neither of which is visible here - confirm that password
 * hashes and key material are excluded and that the listing is not public.
 *
 * @return mixed the result of User::all()
 */
public function index()
{
    $users = User::all();

    return $users;
}