/**
 * {@inheritdoc}
 *
 * Looks the customer up according to the configured login mode, verifies the
 * submitted password against the stored hash and, on success, dispatches the
 * login events and returns the customer.
 *
 * An unknown login and a wrong password both raise
 * InvalidEmailOrPasswordException with the same message, so the response does
 * not reveal which of the two was wrong.
 *
 * NOTE(review): no failed-attempt accounting or lock check is visible in this
 * method; confirm that throttling/lockout is enforced elsewhere (caller or
 * plugin) before relying on this path.
 */
public function authenticate($username, $password)
{
    try {
        // Evaluate the mode once; loose comparison mirrors switch semantics.
        $loginMode = $this->advancedLoginConfigProvider->getLoginMode();
        if ($loginMode == LoginMode::LOGIN_TYPE_ONLY_ATTRIBUTE) {
            $customer = $this->loginViaCustomerAttributeOnly($username);
        } elseif ($loginMode == LoginMode::LOGIN_TYPE_BOTH) {
            $customer = $this->loginViaCustomerAttributeOrEmail($username);
        } else {
            $customer = $this->loginViaEmailOnly($username);
        }
    } catch (NoSuchEntityException $e) {
        // Same message as the wrong-password branch below.
        throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
    }

    // NOTE(review): strength validation runs on the *login* password, before
    // the hash check. checkPasswordStrength() is defined outside this listing;
    // confirm this is intended, since whatever it raises is surfaced before
    // the credentials are verified.
    $this->checkPasswordStrength($password);

    $secureData = $this->customerRegistry->retrieveSecureData($customer->getId());
    $hash = $secureData->getPasswordHash();
    $passwordMatches = $this->encryptor->validateHash($password, $hash);
    if (!$passwordMatches) {
        throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
    }

    // Only reached with a correct password, so the "not confirmed" message is
    // not shown to someone who does not know the credentials.
    $awaitingConfirmation = $customer->getConfirmation() && $this->isConfirmationRequired($customer);
    if ($awaitingConfirmation) {
        throw new EmailNotConfirmedException(__('This account is not confirmed.'));
    }

    $customerModel = $this->customerFactory->create()->updateData($customer);

    // The event payload carries the plaintext password; observers must not
    // log or persist it.
    $authenticatedPayload = ['model' => $customerModel, 'password' => $password];
    $this->eventManager->dispatch('customer_customer_authenticated', $authenticatedPayload);
    $this->eventManager->dispatch('customer_data_object_login', ['customer' => $customer]);

    return $customer;
}
/**
 * Validate that password is correct and customer is not locked
 *
 * Verifies $password against the customer's stored hash. On a mismatch it
 * dispatches 'customer_password_invalid', calls checkIfLocked() and then
 * throws; on a match it returns $this without calling checkIfLocked().
 *
 * NOTE(review): checkIfLocked() is defined outside this listing and may raise
 * its own exception before the one thrown here; confirm against its definition.
 *
 * @param \Magento\Customer\Api\Data\CustomerInterface $customer
 * @param string $password
 * @return $this
 * @throws InvalidEmailOrPasswordException
 */
public function validatePasswordAndLockStatus(\Magento\Customer\Api\Data\CustomerInterface $customer, $password)
{
    $storedHash = $this->customerRegistry->retrieveSecureData($customer->getId())->getPasswordHash();

    if ($this->encryptor->validateHash($password, $storedHash)) {
        return $this;
    }

    // The failed-attempt event carries the submitted plaintext password;
    // observers must not log or persist it.
    $failurePayload = ['username' => $customer->getEmail(), 'password' => $password];
    $this->_eventManager->dispatch('customer_password_invalid', $failurePayload);
    $this->checkIfLocked($customer);

    throw new InvalidEmailOrPasswordException(__('The password doesn\'t match this account.'));
}
/**
 * {@inheritdoc}
 *
 * Verifies $password against the stored hash of the customer with the given
 * id. A mismatch is recorded through processAuthenticationFailure() and then
 * reported as either a locked account or a generic invalid-credentials error.
 *
 * isLocked() is consulted only after a failed verification; a correct
 * password returns true without a lock check in this method.
 * NOTE(review): confirm the caller rejects already-locked accounts before
 * calling this.
 */
public function authenticate($customerId, $password)
{
    $storedHash = $this->customerRegistry->retrieveSecureData($customerId)->getPasswordHash();

    if ($this->encryptor->validateHash($password, $storedHash)) {
        return true;
    }

    // Record the failure first so that the lock check below sees its effect.
    $this->processAuthenticationFailure($customerId);

    if ($this->isLocked($customerId)) {
        throw new UserLockedException(__('The account is locked.'));
    }

    throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
}
/**
 * Ensure that provided password matches the current user password. Check if the current user account is active.
 *
 * Returns false when the password does not match. The active-flag and role
 * checks run only after a successful match, so their specific messages are
 * shown only to a caller who supplied the correct password.
 *
 * @param string $password
 * @return bool
 * @throws \Magento\Framework\Exception\AuthenticationException
 */
public function verifyIdentity($password)
{
    $passwordMatches = $this->_encryptor->validateHash($password, $this->getPassword());
    if (!$passwordMatches) {
        return false;
    }

    if ($this->getIsActive() != '1') {
        throw new AuthenticationException(__('This account is inactive.'));
    }

    if (!$this->hasAssigned2Role($this->getId())) {
        throw new AuthenticationException(__('You need more permissions to access this.'));
    }

    return true;
}
/**
 * Change customer password.
 *
 * Requires the current password to match the stored hash, clears the stored
 * rp token and its creation time (presumably the password-reset token; verify
 * against the secure-data model), validates the new password's strength,
 * stores its hash and saves the customer. A notification e-mail is attempted
 * afterwards; a mail failure is logged and does not undo the change.
 *
 * NOTE(review): a wrong current password is not counted or throttled in this
 * method; confirm that callers apply failed-attempt handling.
 *
 * @param CustomerModel $customer
 * @param string $currentPassword
 * @param string $newPassword
 * @return bool true on success
 * @throws InputException
 * @throws InvalidEmailOrPasswordException
 */
private function changePasswordForCustomer($customer, $currentPassword, $newPassword)
{
    $secureData = $this->customerRegistry->retrieveSecureData($customer->getId());

    $currentMatches = $this->encryptor->validateHash($currentPassword, $secureData->getPasswordHash());
    if (!$currentMatches) {
        throw new InvalidEmailOrPasswordException(__('The password doesn\'t match this account.'));
    }

    // Cleared before the strength check, exactly as in the original order.
    $secureData->setRpToken(null);
    $secureData->setRpTokenCreatedAt(null);

    $this->checkPasswordStrength($newPassword);

    $newHash = $this->createPasswordHash($newPassword);
    $secureData->setPasswordHash($newHash);
    $this->customerRepository->save($customer);

    // FIXME: Are we using the proper template here?
    try {
        $this->sendPasswordResetNotificationEmail($customer);
    } catch (MailException $mailError) {
        // Best effort: the password is already changed, so only log.
        $this->logger->critical($mailError);
    }

    return true;
}
/**
 * Validate user password
 *
 * Checks the supplied password against the password hash of the user held by
 * the backend auth session.
 *
 * NOTE(review): getUser() is dereferenced without a null check; confirm this
 * is only reachable with an authenticated backend session.
 *
 * @param string $password
 * @return bool
 */
public function validateUserPassword($password)
{
    $sessionUser = $this->_backendAuthSession->getUser();

    return $this->_encryptor->validateHash($password, $sessionUser->getPassword());
}
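/**
 * Authenticate user name and password and save loaded record
 *
 * Loads the user by name, optionally enforces an exact (case-sensitive)
 * username match when 'admin/security/use_case_sensitive_login' is set,
 * verifies the password hash, and then requires the account to be active and
 * to have a role. The loaded data is cleared from the model when
 * authentication fails or a \Magento\Framework\Model\Exception is raised.
 *
 * 'admin_user_authenticate_after' is dispatched for failed as well as
 * successful password checks and carries the submitted plaintext password;
 * observers must not log or persist it. It is not dispatched when the
 * inactive/role checks throw.
 *
 * NOTE(review): unsetData() on the exception path runs only for
 * \Magento\Framework\Model\Exception and its subclasses; confirm the Auth
 * exceptions thrown below extend it, otherwise the loaded record stays on the
 * model after a rejected login.
 *
 * @param string $username
 * @param string $password
 * @return bool
 * @throws \Magento\Framework\Model\Exception
 * @throws \Magento\Backend\Model\Auth\Exception
 * @throws \Magento\Backend\Model\Auth\Plugin\Exception
 */
public function authenticate($username, $password)
{
    $config = $this->_config->isSetFlag('admin/security/use_case_sensitive_login');
    $result = false;

    try {
        $this->_eventManager->dispatch(
            'admin_user_authenticate_before',
            array('username' => $username, 'user' => $this)
        );
        $this->loadByUsername($username);

        // Strict string comparison: with `==`, numeric-looking usernames are
        // compared as numbers (e.g. '1e3' == '1000'), which defeats the
        // exact-match intent of the case-sensitive login setting.
        $sensitive = $config ? (string) $username === (string) $this->getUsername() : true;

        if ($sensitive && $this->getId() && $this->_encryptor->validateHash($password, $this->getPassword())) {
            // Account-state messages are reached only with a correct password.
            if ($this->getIsActive() != '1') {
                throw new \Magento\Backend\Model\Auth\Exception(__('This account is inactive.'));
            }
            if (!$this->hasAssigned2Role($this->getId())) {
                throw new \Magento\Backend\Model\Auth\Exception(__('Access denied.'));
            }
            $result = true;
        }

        $this->_eventManager->dispatch(
            'admin_user_authenticate_after',
            array('username' => $username, 'password' => $password, 'user' => $this, 'result' => $result)
        );
    } catch (\Magento\Framework\Model\Exception $e) {
        // Do not leave a loaded user record on the model after a rejection.
        $this->unsetData();
        throw $e;
    }

    if (!$result) {
        $this->unsetData();
    }

    return $result;
}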
/**
 * Validate password with salted hash
 *
 * Fails closed: when no password hash is stored for this model the result is
 * false and the encryptor is not consulted.
 *
 * @param string $password
 * @return boolean
 */
public function validatePassword($password)
{
    $storedHash = $this->getPasswordHash();

    return $storedHash ? $this->_encryptor->validateHash($password, $storedHash) : false;
}