/**
 * Validation rules: the parent's rule set with the `passwordValidate` entry
 * replaced by a check that also accepts legacy password hashes.
 *
 * A login that only matches a legacy hash is accepted and the submitted
 * password is handed to resetPassword() on the user record.
 *
 * NOTE(review): validLegacyHash() and resetPassword() are defined outside this
 * block. Confirm that the legacy comparison is constant-time and that
 * resetPassword() stores a modern hash; its return value is ignored here, so a
 * failed update would leave the legacy hash in place without any signal.
 *
 * @return array the modified rules
 */
public function rules()
{
    $rules = parent::rules();

    $rules['passwordValidate'] = ['password', function ($attribute) {
        // One message for every failure, so the response does not reveal which check failed.
        $message = Yii::t('user', 'Invalid login or password');

        $account = $this->user;
        if ($account === null) {
            $this->addError($attribute, $message);
            return;
        }

        $plain = $this->password;
        $stored = $account->password_hash;

        // Password::validate() may throw on a hash it cannot parse (a legacy
        // one, for instance); that case is treated as "no match" and falls
        // through to the legacy check.
        try {
            $modernMatch = Password::validate($plain, $stored);
        } catch (InvalidParamException $e) {
            $modernMatch = false;
        }
        if ($modernMatch) {
            return;
        }

        if (!$this->validLegacyHash($plain, $stored, $account)) {
            $this->addError($attribute, $message);
            return;
        }

        // Legacy hash matched: pass the plain password on so the stored hash can be replaced.
        $account->resetPassword($this->password);
    }];

    return $rules;
}
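/**
 * @inheritdoc
 *
 * Rules for the account settings form: username and email are required,
 * trimmed and format-checked, must be unique when they differ from the current
 * user's values, and every submission must carry the valid current password.
 */
public function rules()
{
    return [
        'usernameRequired' => ['username', 'required'],
        'usernameTrim' => ['username', 'filter', 'filter' => 'trim'],
        'usernameLength' => ['username', 'string', 'min' => 3, 'max' => 255],
        'usernamePattern' => ['username', 'match', 'pattern' => '/^[-a-zA-Z0-9_\\.@]+$/'],
        'emailRequired' => ['email', 'required'],
        'emailTrim' => ['email', 'filter', 'filter' => 'trim'],
        'emailPattern' => ['email', 'email'],
        'emailUsernameUnique' => [
            ['email', 'username'],
            'unique',
            'when' => function ($model, $attribute) {
                // The uniqueness check is skipped only when the value is unchanged.
                // Compare as strings: the username pattern above admits all-digit and
                // exponent-looking names, and a loose `!=` compares two numeric-looking
                // strings as numbers, so distinct names could be judged "unchanged" and
                // never reach the uniqueness check.
                $current = $this->user->{$attribute};
                $submitted = $model->{$attribute};
                if (is_scalar($current) && is_scalar($submitted)) {
                    return (string) $current !== (string) $submitted;
                }

                // Anything non-scalar is not "unchanged": let the validator run.
                return true;
            },
            'targetClass' => $this->module->modelMap['User'],
        ],
        'newPasswordLength' => ['new_password', 'string', 'min' => 6],
        'currentPasswordRequired' => ['current_password', 'required'],
        'currentPasswordValidate' => ['current_password', function ($attr) {
            // Re-authenticate before any settings change is accepted.
            if (!Password::validate($this->{$attr}, $this->user->password_hash)) {
                $this->addError($attr, Yii::t('user', 'Current password is not valid'));
            }
        }],
    ];
}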
/**
 * @inheritdoc
 *
 * Rules for the account settings form: username, email and current password
 * are required; username and email are trimmed, format-checked and must be
 * unique when changed; the current password is verified against the stored hash.
 */
public function rules()
{
    // Uniqueness only needs checking for a value that differs from the stored one.
    // NOTE(review): the comparison is a loose `!=`; consider `!==` so that
    // numeric-looking strings are never compared as numbers.
    $valueChanged = function ($model, $attribute) {
        return $this->user->{$attribute} != $model->{$attribute};
    };

    // Re-authentication: the submitted current password must match the stored hash.
    $checkCurrentPassword = function ($attr) {
        if (!Password::validate($this->{$attr}, $this->user->password_hash)) {
            $this->addError($attr, \Yii::t('user', 'Current password is not valid'));
        }
    };

    return [
        [['username', 'email', 'current_password'], 'required'],
        [['username', 'email'], 'filter', 'filter' => 'trim'],
        ['username', 'match', 'pattern' => '/^[a-zA-Z]\\w+$/'],
        ['username', 'string', 'min' => 3, 'max' => 20],
        ['email', 'email'],
        [
            ['email', 'username'],
            'unique',
            'when' => $valueChanged,
            'targetClass' => $this->module->modelMap['User'],
        ],
        ['new_password', 'string', 'min' => 6],
        ['current_password', $checkCurrentPassword],
    ];
}
/**
 * Registers a user through RegistrationForm and checks the stored record, the
 * stored password hash and the confirmation token; then checks that
 * register() returns false when validate() fails.
 */
public function testRegister()
{
    $email = '*****@*****.**';

    $this->model = new RegistrationForm();
    $form = $this->model;
    $form->setAttributes([
        'email' => $email,
        'username' => 'foobar',
        'password' => 'foobar',
    ]);
    verify($form->register())->true();

    /** @var User $user */
    $user = User::findOne(['email' => $email]);
    verify('$user is instance of User', $user instanceof User)->true();
    verify('email is valid', $user->email)->equals($form->email);
    verify('username is valid', $user->username)->equals($form->username);

    // The stored value must verify against the submitted password.
    $hashMatches = Password::validate($form->password, $user->password_hash);
    verify('password is valid', $hashMatches)->true();

    $token = Token::findOne([
        'user_id' => $user->id,
        'type' => Token::TYPE_CONFIRMATION,
    ]);
    verify($token)->notNull();

    // With validate() stubbed to fail, register() must return false.
    $mock = $this->getMock(RegistrationForm::className(), ['validate']);
    $mock->expects($this->once())
        ->method('validate')
        ->will($this->returnValue(false));
    verify($mock->register())->false();
}
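/**
 * @inheritdoc
 *
 * Rules for the login form: login and password are required, the password is
 * verified against the stored hash, and the account must be confirmed (when the
 * module requires it) and not blocked.
 *
 * "Needs confirmation" and "blocked" are reported only once the password has
 * been verified. Previously they were added for any existing login regardless
 * of the password, which disclosed that an account exists and what state it is
 * in to a client that had not authenticated.
 */
public function rules()
{
    return [
        'requiredFields' => [['login', 'password'], 'required'],
        'loginTrim' => ['login', 'trim'],
        'passwordValidate' => ['password', function ($attribute) {
            // Same message for "no such user" and "wrong password".
            // NOTE(review): when no user matches, no hash is computed, so response
            // time may still differ between the two cases.
            if ($this->user === null || !Password::validate($this->password, $this->user->password_hash)) {
                $this->addError($attribute, Yii::t('user', 'Invalid login or password'));
            }
        }],
        'confirmationValidate' => ['login', function ($attribute) {
            // This rule is listed after 'passwordValidate', so any password error is
            // already recorded when it runs; stay silent about account state then.
            if ($this->user === null || $this->hasErrors('password')) {
                return;
            }

            $confirmationRequired = $this->module->enableConfirmation
                && !$this->module->enableUnconfirmedLogin;
            if ($confirmationRequired && !$this->user->getIsConfirmed()) {
                $this->addError($attribute, Yii::t('user', 'You need to confirm your email address'));
            }
            if ($this->user->getIsBlocked()) {
                $this->addError($attribute, Yii::t('user', 'Your account has been blocked'));
            }
        }],
        'rememberMe' => ['rememberMe', 'boolean'],
    ];
}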
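/**
 * Changes the password and/or the username of the user identified by $id,
 * after verifying the submitted current password.
 *
 * Input is the `settings-form` POST array (`current_password`, `new_password`,
 * `username`). Every failure to authenticate (unknown id, missing or malformed
 * form data, wrong password) produces the same flash message, so the response
 * does not show whether the id exists.
 *
 * Changes from the previous version: a missing user or missing form fields no
 * longer cause a fatal error; an empty new password is not passed to
 * resetPassword(); the username success message is shown only when save()
 * succeeds; the redirect response is returned.
 *
 * NOTE(review): $id comes from the request and is not compared with
 * Yii::$app->user->id, while the redirect targets the logged-in user's page.
 * Unless an access filter outside this block restricts the action, it accepts
 * password attempts against any account id; confirm and, if this is meant to be
 * self-service only, reject ids other than the current user's.
 * NOTE(review): no length or complexity policy is applied to the new password
 * here; confirm that one is enforced elsewhere.
 *
 * @param int|string $id identifier handed to User::findIdentity()
 * @return mixed the result of redirect()
 */
public function actionChangePassword($id)
{
    $session = Yii::$app->getSession();

    $form = Yii::$app->request->post('settings-form');
    if (!is_array($form)) {
        $form = [];
    }
    $currentPassword = isset($form['current_password']) ? $form['current_password'] : null;
    $newPassword = isset($form['new_password']) ? $form['new_password'] : null;
    $newUsername = isset($form['username']) ? $form['username'] : null;

    $user = User::findIdentity($id);

    // Only a non-empty string reaches Password::validate().
    $verified = $user !== null
        && is_string($currentPassword)
        && $currentPassword !== ''
        && Password::validate($currentPassword, $user->password_hash);

    if (!$verified) {
        $session->setFlash('danger', 'La contraseña actual no corresponde, valide e intente nuevamente');

        return $this->redirect(['person/update', 'id' => Yii::$app->user->id]);
    }

    // A blank "new password" field means "leave the password alone".
    if (is_string($newPassword) && $newPassword !== '' && $user->resetPassword($newPassword)) {
        $session->setFlash('success', 'Contraseña cambiada con éxito');
    }

    if (is_string($newUsername) && $newUsername !== '' && $user->username !== $newUsername) {
        $user->username = $newUsername;
        // save() validates the model; report success only when it actually stored the change.
        if ($user->save()) {
            $session->setFlash('success', 'Nombre de usuario cambiado con éxito');
        } else {
            $session->setFlash('danger', 'No se pudo cambiar el nombre de usuario');
        }
    }

    return $this->redirect(['person/update', 'id' => Yii::$app->user->id]);
}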
/**
 * Looks a user up by username and returns the record only if the password
 * matches the stored hash.
 *
 * Both failure cases (unknown username, wrong password) return null, so the
 * caller cannot tell them apart by the return value.
 * NOTE(review): for an unknown username no hash is computed, so the two cases
 * may still differ in response time.
 *
 * @param string $username
 * @param string $password plain-text password to verify
 * @return User|null the matching user, or null when authentication fails
 */
public static function loginUserByName($username, $password)
{
    $account = User::findOne(['username' => $username]);

    if ($account && Password::validate($password, $account->password_hash)) {
        return $account;
    }

    return null;
}
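/**
 * @inheritdoc
 *
 * Rules for the user model across its scenarios: username and email format and
 * uniqueness, password length, and verification of the current password in the
 * `update_email` and `update_password` scenarios.
 *
 * The current-password rule used `!empty()` to skip blank input. In PHP,
 * empty() is also true for the string "0", so that value passed the 'required'
 * rule and then skipped verification entirely. Only null and '' are treated as
 * blank now; every other value must match the stored hash.
 */
public function rules()
{
    return [
        ['username', 'required', 'on' => ['register', 'connect', 'create', 'update']],
        ['username', 'match', 'pattern' => '/^[a-zA-Z]\\w+$/'],
        ['username', 'string', 'min' => 3, 'max' => 25],
        ['username', 'unique'],
        ['username', 'trim'],

        ['email', 'required', 'on' => ['register', 'connect', 'create', 'update', 'update_email']],
        ['email', 'email'],
        ['email', 'string', 'max' => 255],
        ['email', 'unique'],
        ['email', 'trim'],

        ['unconfirmed_email', 'required', 'on' => 'update_email'],
        ['unconfirmed_email', 'unique', 'targetAttribute' => 'email', 'on' => 'update_email'],
        ['unconfirmed_email', 'email', 'on' => 'update_email'],

        ['password', 'required', 'on' => ['register', 'update_password']],
        ['password', 'string', 'min' => 6, 'on' => ['register', 'update_password', 'create']],

        ['current_password', 'required', 'on' => ['update_email', 'update_password']],
        ['current_password', function ($attr) {
            $submitted = $this->{$attr};

            // Blank input is left to the 'required' rule above.
            if ($submitted === null || $submitted === '') {
                return;
            }

            // Anything else, including "0" and non-string input, must verify
            // against the stored hash.
            if (!is_string($submitted) || !Password::validate($submitted, $this->password_hash)) {
                $this->addError($attr, \Yii::t('user', 'Current password is not valid'));
            }
        }, 'on' => ['update_email', 'update_password']],
    ];
}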