コード例 #1
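 /**
  * Change the current user's password after verifying the existing one.
  *
  * A new salt is generated on every change and the new password is hashed
  * with that salt before the record is validated and saved.
  *
  * NOTE(review): validate() runs after $this->password already holds the
  * hash, so it cannot inspect the plain-text $newPassword; any strength
  * policy presumably has to be enforced before this call - confirm.
  * NOTE(review): when validate() fails, the in-memory object keeps the new,
  * unsaved salt and hash; callers should reload or discard the instance.
  *
  * @param string $oldPassword Current password, checked via PasswordManager::validatePassword()
  * @param string $newPassword Replacement password in plain text
  * @return boolean true when the record validated and was saved, false otherwise
  * @throws Exception\WrongPassword when $oldPassword does not match
  */
 public function resetPassword($oldPassword, $newPassword)
 {
     // Re-authenticate first so that a hijacked session alone cannot change the password.
     if (!PasswordManager::validatePassword($oldPassword, $this->getPassword(), $this->getSalt())) {
         throw new Exception\WrongPassword('Wrong Password provided');
     }

     // Rotate the salt together with the password.
     $this->salt = PasswordManager::createSalt();

     // getSalt() must be called as a method. The original read `$this->getSalt`,
     // which is a property named "getSalt" and not the salt generated above, so
     // the stored hash would not match what validatePassword() later computes
     // from getSalt().
     $this->password = PasswordManager::hashPassword($newPassword, $this->getSalt());

     if (!$this->validate()) {
         return false;
     }

     $this->save();
     return true;
 }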
コード例 #2
 /**
  * Authenticate a user by identifier (the column named in $this->_name) and
  * password, both looked up and verified against the database record.
  *
  * On success the login counters are reset, the record is saved, and the
  * returned object has its password and salt properties set to null so the
  * credentials do not travel with the session object.
  *
  * NOTE(review): an unknown identifier throws before any password hash is
  * computed and uses its own exception class. The message equals the
  * wrong-password message, but callers should handle UserNotExists and
  * WrongPassword identically, otherwise account existence can be inferred;
  * the response-time difference may also be observable - confirm.
  * NOTE(review): isBruteForce() is consulted only after a failed
  * verification. Whether a flagged account can still log in with the correct
  * password depends on what isBruteForce() does to the record - confirm.
  *
  * @param string $name  Username or email
  * @param string $pass  Password
  * @return BasicUser|AdvancedUser the authenticated user, credentials cleared
  * @throws Exception\UserNotExists     no record matches $name
  * @throws Exception\WrongPassword     password verification failed
  * @throws Exception\BruteForceAttack  verification failed and isBruteForce() reported an attack
  * @throws Exception\UserInactive      account is not active
  * @throws Exception\UserExpired       AdvancedUser account has expired
  * @throws Exception\UserPassExpired   AdvancedUser password has expired
  * @throws Exception\Implementation    record is neither AdvancedUser nor BasicUser
  */
 public function authenticate($name, $pass)
 {
     $genericFailure = sprintf('%s and/or password are incorrect', ucfirst($this->_name));
     $inactiveFailure = 'Account is not active';

     // The identifier column comes from configuration ($this->_name); the
     // supplied value is bound through the "?" placeholder.
     $condition = "{$this->_name} = ?";
     $user = \App_Model_User::first(array($condition => $name));

     if ($user === null) {
         throw new Exception\UserNotExists($genericFailure);
     }

     $verified = PasswordManager::validatePassword($pass, $user->getPassword(), $user->getSalt());

     // Failed verification: optionally run brute-force detection, then reject.
     if ($verified !== true) {
         if ($this->_bruteForceDetection === true && $this->isBruteForce($user)) {
             Core::getLogger()->log(
                 sprintf('Brute Force Attack Detected for account %s', $user->{$this->_name})
             );
             throw new Exception\BruteForceAttack('WARNING: Brute Force Attack Detected. We Recommend you use captcha.');
         }

         throw new Exception\WrongPassword($genericFailure);
     }

     // Account-state checks run only after the password was verified, so the
     // distinct "not active" message is shown only to someone who knows it.
     if ($user instanceof AdvancedUser) {
         if (!$user->isActive()) {
             throw new Exception\UserInactive($inactiveFailure);
         }
         if ($user->isAccountExpired()) {
             throw new Exception\UserExpired($genericFailure);
         }
         if ($user->isPasswordExpired()) {
             throw new Exception\UserPassExpired($genericFailure);
         }
     } elseif ($user instanceof BasicUser) {
         if (!$user->isActive()) {
             throw new Exception\UserInactive($inactiveFailure);
         }
     } else {
         throw new Exception\Implementation(sprintf('%s is not implementing BasicUser', get_class($user)));
     }

     // Successful login: record it and reset the attempt counters.
     $user->setLastLogin();
     $user->setTotalLoginAttempts(0);
     $user->setLastLoginAttempt(0);
     $user->setFirstLoginAttempt(0);
     $user->save();

     // Clear the credentials after save() so they are not persisted as null
     // but are absent from the object handed back to the caller.
     $user->password = null;
     $user->salt = null;

     return $user;
 }