/**
 * Check the user's master password against the hash stored in the configuration.
 *
 * Fails closed: a missing user master password or a missing/unset stored hash
 * yields false without attempting a comparison.
 *
 * @param User $User user whose master password is checked
 * @return bool result of the hash comparison, or false when either side is unavailable
 */
public static function checkUserMPass(User $User)
{
    // NOTE(review): the meaning of the `true` argument is defined by
    // User::getUserMPass(), which is not visible here — confirm.
    $plainMPass = $User->getUserMPass(true);

    if (false === $plainMPass) {
        return false;
    }

    $storedHash = ConfigDB::getValue('masterPwd');

    // Neither a failed lookup (false) nor an unset value (null) may reach the comparison.
    if (false === $storedHash || null === $storedHash) {
        return false;
    }

    // Compare the user's password with the stored hash.
    return Crypt::checkHashPass($plainMPass, $storedHash, true);
}
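/**
 * Check whether the temporary master password is valid.
 *
 * The temporary password is rejected, and its stored values are blanked, once
 * its validity window has elapsed or the failed-attempt limit has been reached.
 * Every failed comparison increments the stored attempt counter.
 *
 * @param string $pass password to check
 * @return bool true only when $pass matches the stored temporary-password hash
 */
public static function checkTempMasterPass($pass)
{
    $passTime = ConfigDB::getValue('tempmaster_passtime');
    $passMaxTime = ConfigDB::getValue('tempmaster_maxtime');
    $attempts = ConfigDB::getValue('tempmaster_attempts');

    // Explicit grouping: (expired) OR (too many failed attempts).
    $isExpired = ($passTime !== false) && ((time() - $passTime) > $passMaxTime);
    $isLockedOut = $attempts >= 5;

    if ($isExpired || $isLockedOut) {
        // Invalidate the temporary password so it cannot be tried again.
        ConfigDB::setCacheConfigValue('tempmaster_pass', '');
        ConfigDB::setCacheConfigValue('tempmaster_passiv', '');
        ConfigDB::setCacheConfigValue('tempmaster_passhash', '');
        ConfigDB::writeConfig();

        return false;
    }

    $storedHash = ConfigDB::getValue('tempmaster_passhash');

    // Fail closed when no hash is stored (lookup failed, unset, or blanked by
    // the invalidation above): never hand an empty hash to the comparison.
    // The hash is also checked once only; the original ran the comparison
    // twice and discarded the first result.
    $hasHash = $storedHash !== false && $storedHash !== null && $storedHash !== '';
    $isValid = $hasHash ? Crypt::checkHashPass($pass, $storedHash) : false;

    if (!$isValid) {
        // NOTE(review): the counter is read and written in separate steps, so
        // concurrent failed attempts may be under-counted — confirm whether
        // ConfigDB serialises these updates.
        ConfigDB::setValue('tempmaster_attempts', $attempts + 1, false);
    }

    return $isValid;
}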
/**
 * Update the user's encrypted master password in the database.
 *
 * The supplied master password must match the hash stored in the configuration.
 * When no hash is stored yet (null), the hash of the supplied password is saved
 * as the configured one before the comparison.
 *
 * NOTE(review): in that unset state the first password supplied here defines the
 * master-password hash — confirm that only an authorised setup path can reach it.
 *
 * @param string $masterPwd the master password
 * @return bool false when the stored hash cannot be read, the password does not
 *              match, or encryption fails; otherwise the result of DB::getQuery()
 */
public function updateUserMPass($masterPwd)
{
    $storedHash = ConfigDB::getValue('masterPwd');

    if (false === $storedHash) {
        return false;
    }

    if (null === $storedHash) {
        // No master-password hash stored yet: store one derived from the supplied password.
        $storedHash = Crypt::mkHashPassword($masterPwd);
        ConfigDB::setValue('masterPwd', $storedHash);
    }

    // Reject a master password that does not match the configured hash.
    if (!Crypt::checkHashPass($masterPwd, $storedHash, true)) {
        return false;
    }

    $cryptMPass = Crypt::mkCustomMPassEncrypt(self::getCypherPass(), $masterPwd);

    if (!$cryptMPass) {
        return false;
    }

    // Values are bound as named parameters; nothing is interpolated into the SQL text.
    $query = 'UPDATE usrData SET '
        . 'user_mPass = :mPass,'
        . 'user_mIV = :mIV,'
        . 'user_lastUpdateMPass = UNIX_TIMESTAMP() '
        . 'WHERE user_id = :id LIMIT 1';

    // Index 0 is bound to user_mPass and index 1 to user_mIV.
    $data = array(
        'mPass' => $cryptMPass[0],
        'mIV' => $cryptMPass[1],
        'id' => $this->_userId,
    );

    return DB::getQuery($query, __FUNCTION__, $data);
}