/**
 * {@inheritdoc}
 *
 * Resolves a login/password pair to a user id. Returns null when no real
 * user matches the login, when the user is flagged as special, or when the
 * password is rejected by the current encoder. $request is not used by this
 * implementation.
 *
 * Accounts whose stored password is not salted are first checked against
 * the old encoder; on a match the password is set again through the user
 * manipulator before the regular verification runs.
 *
 * NOTE(review): the mail-lock check runs before any password verification,
 * so AccountLockedException is raised for a locked login whatever password
 * was supplied. Confirm callers surface this outcome without revealing
 * account state to unauthenticated clients.
 *
 * NOTE(review): the unknown-user and special-user paths return without any
 * hash computation, so their response time may differ from the
 * wrong-password path. Verify whether that matters for this deployment.
 *
 * @throws AccountLockedException when the matched user is mail-locked
 */
public function getUsrId($username, $password, Request $request)
{
    $account = $this->repository->findRealUserByLogin($username);

    // Unknown logins and special accounts are never authenticated here.
    if (null === $account || $account->isSpecial()) {
        return null;
    }

    // A mail-locked account is reported to the caller, not treated as a plain failure.
    if ($account->isMailLocked()) {
        throw new AccountLockedException('The account is locked', $account->getId());
    }

    // Legacy (unsalted) credential: when the old encoder accepts the supplied
    // password, store it again so the verification below runs against the
    // refreshed value. Presumably setPassword re-hashes with the current
    // scheme and updates what getPassword()/getNonce() return; verify.
    if ($account->isSaltedPassword() === false
        && $this->oldEncoder->isPasswordValid($account->getPassword(), $password, $account->getNonce())
    ) {
        $this->userManipulator->setPassword($account, $password);
    }

    // Final decision always goes through the current encoder, also after a migration.
    $accepted = $this->encoder->isPasswordValid($account->getPassword(), $password, $account->getNonce());

    return $accepted === false ? null : $account->getId();
}
/**
 * A hash must stop validating once the salt handed to the encoder differs
 * from the one in the data set.
 *
 * Presumably $encoded is the hash of $pass under $salt and $key as produced
 * by providePasswords; verify against the provider.
 *
 * @dataProvider providePasswords
 * @covers Alchemy\Phrasea\Authentication\Phrasea\PasswordEncoder::isPasswordValid
 */
public function testPasswordNotValidIfChangingTheSalt($key, $pass, $salt, $encoded)
{
    $subject = new PasswordEncoder($key);

    // mt_rand() only has to make the salt different, not unpredictable: it
    // returns a non-negative integer, so the suffix is never empty.
    $alteredSalt = $salt . mt_rand();

    $stillValid = $subject->isPasswordValid($encoded, $pass, $alteredSalt);

    $this->assertFalse($stillValid);
}