/** * Function to reset the password for the current user * * @param type $oldPassword * @param type $newPassword * @return boolean * @throws Exception\WrongPassword */ public function resetPassword($oldPassword, $newPassword) { if (!PasswordManager::validatePassword($oldPassword, $this->getPassword(), $this->getSalt())) { throw new Exception\WrongPassword('Wrong Password provided'); } $this->salt = PasswordManager::createSalt(); $this->password = PasswordManager::hashPassword($newPassword, $this->getSalt); if ($this->validate()) { $this->save(); return true; } else { return false; } }
/** * Main authentication method which is used for user authentication * based on two credentials such as username and password. These login * credentials are set in database. * * @param string $name Username or email * @param string $pass Password */ public function authenticate($name, $pass) { $errMessage = sprintf('%s and/or password are incorrect', ucfirst($this->_name)); $errMessageNotActive = 'Account is not active'; $user = \App_Model_User::first(array("{$this->_name} = ?" => $name)); if ($user === null) { throw new Exception\UserNotExists($errMessage); } $passVerify = PasswordManager::validatePassword($pass, $user->getPassword(), $user->getSalt()); if ($passVerify === true) { if ($user instanceof AdvancedUser) { if (!$user->isActive()) { throw new Exception\UserInactive($errMessageNotActive); } elseif ($user->isAccountExpired()) { throw new Exception\UserExpired($errMessage); } elseif ($user->isPasswordExpired()) { throw new Exception\UserPassExpired($errMessage); } else { $user->setLastLogin(); $user->setTotalLoginAttempts(0); $user->setLastLoginAttempt(0); $user->setFirstLoginAttempt(0); $user->save(); $user->password = null; $user->salt = null; return $user; } } elseif ($user instanceof BasicUser) { if (!$user->isActive()) { throw new Exception\UserInactive($errMessageNotActive); } else { $user->setLastLogin(); $user->setTotalLoginAttempts(0); $user->setLastLoginAttempt(0); $user->setFirstLoginAttempt(0); $user->save(); $user->password = null; $user->salt = null; return $user; } } else { throw new Exception\Implementation(sprintf('%s is not implementing BasicUser', get_class($user))); } } else { if ($this->_bruteForceDetection === true) { if ($this->isBruteForce($user)) { $identifier = $this->_name; Core::getLogger()->log(sprintf('Brute Force Attack Detected for account %s', $user->{$identifier})); throw new Exception\BruteForceAttack('WARNING: Brute Force Attack Detected. We Recommend you use captcha.'); } else { throw new Exception\WrongPassword($errMessage); } } else { throw new Exception\WrongPassword($errMessage); } } }