/**
 * Seeds one demo account ("testuser") into the `user` table.
 *
 * The password is bcrypt-hashed with cost 10 before the INSERT is queued, so only
 * the hash is written to the database. The plaintext is hard-coded in this file.
 * NOTE(review): a known credential in a migration is created wherever the migration
 * runs - confirm this is intended for demo/test databases only.
 *
 * @param Schema $schema
 */
public function up(Schema $schema)
{
    // this up() migration is auto-generated, please modify it to your needs
    $encoder = new BCryptPasswordEncoder(10);
    $passwordHash = $encoder->encodePassword('Au123456', null);

    // The only value interpolated into the statement is the hash computed above;
    // nothing caller-supplied reaches the SQL text.
    $this->addSql("INSERT INTO user\n (`username`, `password`, `first_name`, `last_name`, `role`, `email`, `email_is_verify`) VALUES\n ('testuser', '{$passwordHash}', 'DemoUser', 'DemoUser', 0, '*****@*****.**', 1)");
}
/**
 * A 72-character password verifies against its own hash, while a 73-character
 * candidate sharing the same first 72 characters is rejected.
 *
 * @requires PHP 5.3.7
 */
public function testCheckPasswordLength()
{
    $encoder = new BCryptPasswordEncoder(self::VALID_COST);
    $atLimit = str_repeat('a', 72);
    $overLimit = str_repeat('a', 73);

    $hash = $encoder->encodePassword($atLimit, null);

    // bcrypt only consumes the first 72 bytes of its input, so without an explicit
    // length check the longer candidate would verify against the same hash.
    $this->assertFalse($encoder->isPasswordValid($hash, $overLimit, 'salt'));
    $this->assertTrue($encoder->isPasswordValid($hash, $atLimit, 'salt'));
}
/**
 * The hash of the reference password verifies against that password and does not
 * verify against a different one.
 */
public function testValidation()
{
    $this->skipIfPhpVersionIsNotSupported();

    $encoder = new BCryptPasswordEncoder(self::VALID_COST);
    $hash = $encoder->encodePassword(self::PASSWORD, null);

    $acceptsOriginal = $encoder->isPasswordValid($hash, self::PASSWORD, null);
    $this->assertTrue($acceptsOriginal);

    $acceptsOther = $encoder->isPasswordValid($hash, 'anotherPassword', null);
    $this->assertFalse($acceptsOther);
}
/**
 * Runs the security:encode-password command non-interactively for the bcrypt user
 * class, then checks that the hash printed by the command verifies against the
 * password that was passed in.
 */
public function testEncodePasswordBcrypt()
{
    $input = array(
        'command' => 'security:encode-password',
        'password' => 'password',
        'user-class' => 'Custom\\Class\\Bcrypt\\User',
    );
    $this->passwordEncoderCommandTester->execute($input, array('interactive' => false));

    $display = $this->passwordEncoderCommandTester->getDisplay();
    $this->assertContains('Password encoding succeeded', $display);

    // Encoder used for verification only; the hash itself comes from the command output.
    $encoder = new BCryptPasswordEncoder(17);

    // NOTE(review): the preg_match() result is not checked. If the output format
    // changes, $captured[1] is undefined and the test errors instead of failing
    // with a clear assertion message.
    preg_match('# Encoded password\\s{1,}([\\w+\\/$.]+={0,2})\\s+#', $display, $captured);
    $hash = $captured[1];

    $this->assertTrue($encoder->isPasswordValid($hash, 'password', null));
}
/**
 * Loads demo data: one enabled user, three currencies (USD, EUR, PEN) and two
 * accounts owned by that user, the first of which receives four transactions.
 *
 * The user's password is stored as a bcrypt hash (cost 10), but the plaintext is
 * hard-coded here. NOTE(review): confirm this fixture is only ever loaded into
 * development/test databases, since it creates an account with a known credential.
 *
 * {@inheritDoc}
 */
public function load(ObjectManager $manager)
{
    $encoder = new BCryptPasswordEncoder(10);

    $user = new User();
    $user->setEmail('*****@*****.**');
    $user->setPassword($encoder->encodePassword('nhy6&UJM', null));
    $user->setEnabled(1);
    $user->setRoles('ROLE_USER');
    $user->setCreated(new \DateTime());
    $manager->persist($user);
    $manager->flush();

    // Each currency is persisted and flushed on its own, as in the original sequence.
    $addCurrency = function ($name, $code, $symbol) use ($manager) {
        $currency = new Currency();
        $currency->setName($name);
        $currency->setCode($code);
        $currency->setSymbol($symbol);
        $manager->persist($currency);
        $manager->flush();

        return $currency;
    };

    $currencyDollar = $addCurrency('United States dollar', 'USD', '$');
    $currencyEuro = $addCurrency('Euro', 'EUR', '€');
    $addCurrency('Peruvian Nuevo Sol', 'PEN', 'S/.');

    // Dollar account with two initial credits.
    $dollarAccount = new Account();
    $dollarAccount->setOwner($user);
    $dollarAccount->setName('Checking');
    $dollarAccount->setCurrency($currencyDollar);
    $dollarAccount->addTransaction(10000, 'Initial Deposit', new \DateTime());
    $dollarAccount->addTransaction(2500, 'July Paycheck', new \DateTime());
    $manager->persist($dollarAccount);
    $manager->flush();

    // The same account id is looked up twice and one debit is added through each handle.
    // NOTE(review): both lookups use one id, so they presumably resolve to the same
    // managed entity - confirm whether two distinct handles were intended.
    $accountId = $dollarAccount->getId();
    $firstHandle = $manager->find('Pfmgr\\Entity\\Account', $accountId);
    $secondHandle = $manager->find('Pfmgr\\Entity\\Account', $accountId);
    $firstHandle->addTransaction(-1650, 'Rent', new \DateTime());
    // NOTE(review): fractional amount, unlike the integer amounts above - the unit
    // expected by addTransaction() is not visible here.
    $secondHandle->addTransaction(-845.45, 'Audi A8 Payment', new \DateTime());
    $manager->persist($firstHandle);
    $manager->persist($secondHandle);
    $manager->flush();

    // Euro account, left without transactions.
    $euroAccount = new Account();
    $euroAccount->setOwner($user);
    $euroAccount->setName('Checking');
    $euroAccount->setCurrency($currencyEuro);
    $manager->persist($euroAccount);
    $manager->flush();
}
/**
 * Verifies that encoding a password draws bytes from the injected secure-random
 * source at least once, and that the result equals crypt() called with the
 * expected prefix, cost and salt.
 */
public function testSecureRandomIsUsed()
{
    // Skipped when mcrypt_create_iv() exists - presumably the encoder then takes its
    // salt from mcrypt instead of the injected generator; confirm against the encoder.
    if (function_exists('mcrypt_create_iv')) {
        return;
    }

    $this->secureRandom->expects($this->atLeastOnce())->method('nextBytes');

    $encoder = new BCryptPasswordEncoder($this->secureRandom, self::VALID_COST);
    $actual = $encoder->encodePassword(self::PASSWORD, null);

    // "2y" is used from PHP 5.3.7 on, "2a" before that.
    $variant = version_compare(phpversion(), '5.3.7', '>=') ? '2y' : '2a';
    $prefix = '$' . $variant . '$';
    // Presumably the encoding of the bytes the mocked generator returns (mock setup
    // is outside this method).
    $salt = 'MDEyMzQ1Njc4OWFiY2RlZe';
    $expected = crypt(self::PASSWORD, $prefix . self::VALID_COST . '$' . $salt);

    $this->assertEquals($expected, $actual);
}
/**
 * Exercises the password-reset flow end to end: unknown, empty and null tokens are
 * refused, a freshly issued token works exactly once, and a token whose creation
 * time has been moved three days into the past is refused.
 */
public function testResetPassword()
{
    $passwordReset = new PasswordReset($this->dataUser, $this->dataPasswordReset);
    $app = TestDBSetup::createAppAndDB(false);

    $user = $this->dataUser->createEmpty();
    $user->set('username', 'user2');
    $user->set('password', 'asdasd');
    $user->set('email', '*****@*****.**');
    $this->dataUser->create($user);

    // After creation the stored value must be a bcrypt hash of the plaintext.
    $storedHash = $user->get('password');
    $salt = $user->get('salt');
    $encoder = new BCryptPasswordEncoder(13);
    $this->assertTrue($encoder->isPasswordValid($storedHash, 'asdasd', $salt));

    $token = $passwordReset->requestPasswordReset('email', '*****@*****.**');

    // Values that are not the issued token must not reset anything.
    $wasReset = $passwordReset->resetPassword('asdasd', 'dsadsa');
    $this->assertFalse($wasReset);
    $wasReset = $passwordReset->resetPassword('', 'dsadsa');
    $this->assertFalse($wasReset);
    $wasReset = $passwordReset->resetPassword(null, 'dsadsa');
    $this->assertFalse($wasReset);

    // The issued token resets the password, and the new hash matches the new plaintext.
    $wasReset = $passwordReset->resetPassword($token, 'dsadsa');
    $this->assertTrue($wasReset);
    $reloaded = $this->dataUser->get($user->get('id'));
    $updatedHash = $reloaded->get('password');
    $this->assertTrue($encoder->isPasswordValid($updatedHash, 'dsadsa', $salt));

    // A token can be only used once
    $wasReset = $passwordReset->resetPassword($token, 'dsadsa');
    $this->assertFalse($wasReset);

    // A password reset must be used within 48h
    $token = $passwordReset->requestPasswordReset('email', '*****@*****.**');
    $pending = $this->dataPasswordReset->listEntries(['token' => $token]);
    if (count($pending) !== 1) {
        $this->fail();
    }

    // Age the request by three days (72h); the exact 48h boundary is not probed here.
    $agedCreatedAt = gmdate('Y-m-d H:i:s', time() - 3 * 24 * 60 * 60);
    $app['db']->executeUpdate(
        'UPDATE password_reset SET created_at = ? WHERE token = ?',
        [$agedCreatedAt, $token]
    );
    $wasReset = $passwordReset->resetPassword($token, 'dsadsa');
    $this->assertFalse($wasReset);
}
/**
 * A 5000-character candidate password must be reported as invalid.
 *
 * The stored value 'encoded' is not a real hash, so the assertion alone cannot tell
 * a length check apart from an ordinary mismatch - presumably it documents that
 * oversized input is refused; confirm against the encoder's length limit.
 */
public function testCheckPasswordLength()
{
    $encoder = new BCryptPasswordEncoder(self::VALID_COST);
    $oversized = str_repeat('a', 5000);

    $accepted = $encoder->isPasswordValid('encoded', $oversized, 'salt');

    $this->assertFalse($accepted);
}
/**
 * Checks a plaintext password against a stored bcrypt hash, using the class-level
 * cost factor and salt constants.
 *
 * NOTE(review): the salt passed here is a class constant, i.e. shared by every
 * call - confirm whether the encoder actually uses it for verification.
 *
 * @param string $hash        Stored password hash.
 * @param string $rawPassword Plaintext candidate to verify.
 *
 * @return bool Whatever the encoder's isPasswordValid() reports.
 */
protected function isValidPassword($hash, $rawPassword)
{
    $bcrypt = new BCryptPasswordEncoder(self::BCRYPT_FACTOR);
    $matches = $bcrypt->isPasswordValid($hash, $rawPassword, self::BCRYPT_SALT);

    return $matches;
}
/**
 * Hashes the given plaintext with bcrypt, using this user's salt, and stores the
 * result as the old password.
 *
 * @param string $password Plaintext password; only its hash is kept on the object.
 *
 * @return TestUser
 */
public function setOldPassword($password)
{
    $bcrypt = new BCryptPasswordEncoder(static::bcryptStrength);
    $hashed = $bcrypt->encodePassword($password, $this->getSalt());
    $this->oldPassword = $hashed;

    return $this;
}
/**
 * Utility check that a candidate password matches the hash held in $this->password.
 * Primarily used in tests.
 *
 * @param string $passwordToVerify Plaintext candidate.
 * @return bool true if the password matches, false if not
 */
public function verifyPassword($passwordToVerify)
{
    $encoder = new BCryptPasswordEncoder(BCRYPT_COST);
    $isMatch = $encoder->isPasswordValid($this->password, $passwordToVerify, null);

    return $isMatch;
}
/**
 * Replaces the stored password with the bcrypt hash of the given plaintext.
 *
 * Only the hash is assigned to $this->password; the plaintext is not kept on the object.
 *
 * @param string $newPassword Plaintext password to hash.
 */
public function setPassword($newPassword)
{
    $encoder = new BCryptPasswordEncoder(BCRYPT_COST);
    $hashed = $encoder->encodePassword($newPassword, null);
    $this->password = $hashed;
}
/**
 * Hashes a plaintext password with bcrypt at a fixed cost of 13.
 *
 * @param string $plainPassword Plaintext password to hash.
 * @param string $salt          Salt handed through to the encoder unchanged.
 *
 * @return string The encoded password as returned by the encoder.
 */
public static function encode($plainPassword, $salt)
{
    $bcrypt = new BCryptPasswordEncoder(13);
    $encoded = $bcrypt->encodePassword($plainPassword, $salt);

    return $encoded;
}