/**
 * Returns the CSRF token held in the current session, creating it on first use.
 *
 * A new token is generated only when $_SESSION['csrf_token'] is not set, so
 * the same value is handed back on every later call that sees that session.
 *
 * @return mixed the value stored in $_SESSION['csrf_token']
 */
private static function set_csrf_token_if_not_set() {
    # Reuse the existing token so forms rendered earlier stay valid.
    if (isset($_SESSION['csrf_token'])) {
        return $_SESSION['csrf_token'];
    }

    # NOTE(review): the token is only as unpredictable as
    # NeechySecurity::random_hex(), whose implementation is not visible here;
    # confirm it draws from a CSPRNG. Token validation is not part of this
    # method; a constant-time comparison (hash_equals) is the usual choice there.
    $fresh_token = NeechySecurity::random_hex(40);
    $_SESSION['csrf_token'] = $fresh_token;

    return $fresh_token;
}
/**
 * Creates the accounts needed at install time: the system user and, when
 * AppAuthService reports a logged-in user, an owner account for that user.
 *
 * Each account gets a password from NeechySecurity::random_hex() that is
 * passed straight to set_password() and is neither kept in a variable nor
 * returned, so this method never discloses it.
 *
 * @return array array($system_user, $owner); $owner is null when
 *               AppAuthService::user() returns a falsy value
 */
public static function create_on_install() {
    # System account
    $system_user = new User(array(
        'name' => NEECHY_USER,
        'email' => '*****@*****.**',
        'status' => self::$STATUS_LEVELS['NEW'],
    ));
    $system_user->set_password(NeechySecurity::random_hex());
    $system_user->save();

    # Owner account (the user currently logged in), if there is one
    $owner = null;
    $logged_in_user = AppAuthService::user();
    if ($logged_in_user) {
        # NOTE(review): nickname and email are used exactly as AppAuthService
        # returns them; no validation happens in this method. Confirm that
        # User / save() validates them.
        $owner = new User(array(
            'name' => $logged_in_user->getNickname(),
            'email' => $logged_in_user->getEmail(),
            'status' => self::$STATUS_LEVELS['NEW'],
        ));
        $owner->set_password(NeechySecurity::random_hex());
        $owner->save();
    }

    return array($system_user, $owner);
}
/**
 * Interactive install step: prompts for an admin user name and email,
 * registers the admin with a random password, and prints that password.
 *
 * Each prompt allows five invalid answers before the install is aborted.
 *
 * @throws NeechyInstallError when the name or the email fails validation
 *                            five times
 */
protected function create_admin_user() {
    $this->print_header('Create Admin User');

    # Choose name (5 tries)
    $tries_left = 5;
    while (true) {
        $validator = new SignUpValidator();
        $name = $this->prompt_user('Please enter your new user name');
        if ($validator->validate_signup_user($name, 'name')) {
            break;
        }

        $this->println(sprintf('invalid user name: %s',
            implode(', ', $validator->errors['name'])));
        $tries_left--;
        if ($tries_left < 1) {
            throw new NeechyInstallError(
                'User name cannot be validated. Install failed. Please start over.');
        }
    }

    # Input email (5 tries)
    $tries_left = 5;
    while (true) {
        $validator = new SignUpValidator();
        $email = $this->prompt_user('Please enter your email');
        if ($validator->validate_signup_email($email, 'email')) {
            break;
        }

        $this->println(sprintf('invalid email address: %s',
            implode(', ', $validator->errors['email'])));
        $tries_left--;
        if ($tries_left < 1) {
            throw new NeechyInstallError(
                'Email cannot be validated. Install failed. Please start over.');
        }
    }

    # Register user and create page
    $password = NeechySecurity::random_hex();
    $this->register_admin_user($name, $email, $password);

    # Feedback. The generated password is written to the console in clear
    # text so the operator can log in; it can linger in terminal scrollback or
    # captured install output, which is why the message asks for an immediate
    # password change.
    # NOTE(review): the heredoc's line breaks were reconstructed from a
    # collapsed listing -- confirm against the original file.
    $format = <<<STDOUT
An admin has been created with your user name: %s
Your random password is: %s
Please login now and change your password.
STDOUT;
    $this->println(sprintf($format, $name, $password));
}
/**
 * Sets a new password on $user, saves the user, and returns the password
 * in clear text.
 *
 * @param object      $user     must provide set_password() and save()
 * @param string|null $password password to set; any value empty() treats as
 *                              empty (null, '', '0', ...) is replaced by
 *                              NeechySecurity::random_hex()
 * @return string the password that was set
 */
private function reset_user_password($user, $password = null) {
    # NOTE(review): a caller-supplied password is applied as given; no
    # strength check happens in this method -- confirm callers validate it.
    if (empty($password)) {
        $password = NeechySecurity::random_hex();
    }

    $user->set_password($password);
    $user->save();

    # The clear-text value goes back to the caller; how it is delivered to the
    # user is not visible here, so keep it out of logs on the calling side.
    return $password;
}