/**
 * Replaces a user's legacy sha1 password hash with a freshly salted sha512 hash
 * and returns the user record re-read from the repository.
 *
 * A new salt of self::SALT_LENGTH is generated, the plaintext password is hashed
 * with it, and both values are written to the 'pwd' / 'pwd_salt' columns.
 *
 * NOTE(review): this method receives the plaintext password and does not verify it;
 * it assumes the caller has already checked it against the legacy hash. TODO confirm.
 *
 * NOTE(review): the return value of update() is discarded, so a failed write is not
 * reported; the record returned below would then presumably still carry the old hash.
 *
 * NOTE(review): if generateSaltedPassword() computes a plain salted digest, sha512 is
 * a fast hash and a weak target for a password-storage migration. password_hash() /
 * password_verify() with password_needs_rehash() is the usual target; verify against
 * the helper's implementation and the login verification path before changing it.
 *
 * @param int    $userId   ID of the user whose hash is migrated
 * @param string $password Plaintext password to re-hash
 *
 * @return array The user record as returned by the repository's getOneById()
 */
private function migratePasswordHashToSha512($userId, $password)
{
    $freshSalt = $this->secureHelper->salt(self::SALT_LENGTH);
    $hashedPassword = $this->secureHelper->generateSaltedPassword($freshSalt, $password, 'sha512');

    $this->userRepository->update(
        [
            'pwd' => $hashedPassword,
            'pwd_salt' => $freshSalt,
        ],
        $userId
    );

    // Re-read the record so the caller sees the stored values, not the local ones.
    return $this->userRepository->getOneById($userId);
}
/**
 * Handles the "forgot password" form submission.
 *
 * Inside the post-action callback the form data is validated, a replacement password
 * is generated, the user is looked up via the 'nick_mail' field and the password
 * change e-mail is sent. The stored hash and salt are only replaced (and
 * 'login_errors' set to 0) when the e-mail was sent. A confirm box with either
 * 'forgot_pwd_success' or 'forgot_pwd_error' is then set as the template.
 *
 * NOTE(review): the replacement password comes from the same salt() helper used for
 * salts. That is only safe if the helper is backed by a CSPRNG (random_bytes() /
 * random_int()). Confirm against the helper's implementation.
 *
 * NOTE(review): $newPassword is handed to sendPasswordChangeEmail(), so it presumably
 * travels in clear text by e-mail and stays valid until the user changes it. A
 * single-use, expiring reset token would avoid mailing a working credential.
 *
 * NOTE(review): the existing password is replaced as soon as the mail is sent, without
 * the mailbox owner confirming the request. Unless the form validation adds its own
 * protection (e.g. captcha / rate limiting, not visible here), a request for a known
 * nick or address invalidates that account's current password.
 *
 * NOTE(review): 'login_errors' is reset to 0 on this unauthenticated path. If that
 * counter drives login throttling or lockout, this flow clears it. Verify.
 *
 * @param array $formData Submitted form values; 'nick_mail' identifies the account
 *
 * @return \Symfony\Component\HttpFoundation\RedirectResponse
 */
protected function executePost(array $formData)
{
    return $this->actionHelper->handlePostAction(
        function () use ($formData) {
            $this->accountForgotPasswordFormValidation->validate($formData);

            $newPassword = $this->secureHelper->salt(Users\Model\UserModel::SALT_LENGTH);
            $user = $this->fetchUserByFormFieldValue($formData['nick_mail']);
            $mailIsSent = $this->sendPasswordChangeEmail($user, $newPassword);

            // Only change the user's password if the e-mail could be sent successfully,
            // so that the account is not left with a password nobody received.
            $passwordUpdated = false;
            if ($mailIsSent === true) {
                $freshSalt = $this->secureHelper->salt(Users\Model\UserModel::SALT_LENGTH);
                $hashedPassword = $this->secureHelper->generateSaltedPassword($freshSalt, $newPassword, 'sha512');

                $updateResult = $this->userRepository->update(
                    [
                        'pwd' => $hashedPassword,
                        'pwd_salt' => $freshSalt,
                        'login_errors' => 0,
                    ],
                    $user['id']
                );

                // Both null and false from update() count as failure.
                $passwordUpdated = $updateResult !== null && $updateResult !== false;
            }

            $messageKey = $passwordUpdated ? 'forgot_pwd_success' : 'forgot_pwd_error';

            $alerts = $this->get('core.helpers.alerts');
            $this->setTemplate(
                $alerts->confirmBox(
                    $this->translator->t('users', $messageKey),
                    $this->appPath->getWebRoot()
                )
            );
        },
        $this->request->getFullPath()
    );
}