public function fire(array $data)
{
$this->validator->setScenario('login')->validate($data);
$user = $this->user->where('email', $data['email'])->first();
if (!$this->hasher->check($data['password'], $user->password)) {
throw new LoginFailedException();
}
return $user;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$post = $this->post->bySlug($request->segment(2));
if ($post->visibility_id == 2) {
if (!$this->hash->check(Input::get('password'), $post->password)) {
return redirect()->route('blog.askPassword', [$post->slug])->with('wrong_password', 'Please provide a valid password to view this post');
}
}
return $next($request);
}
/**
* 비회원 작성 글 인증 확인
*
* @param ItemEntity $item board item entity
* @param string $email email
* @param string $certifyKey 인증 암호
* @return bool
*/
public function verify(ItemEntity $item, $email, $certifyKey)
{
if ($email != $item->email) {
return false;
}
return $this->hasher->check($certifyKey, $item->certifyKey);
}
/**
* Validate a user against the given credentials.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param array $credentials
* @return bool
*/
public function validateCredentials(UserContract $user, array $credentials)
{
$credentialsValidated = false;
// If the user is set AND, either of auth_type 'internal' or with
// auth_type unset or null, then validate against the stored
// password hash. Otherwise if the LDAP authentication
// method is enabled, try it.
if (isset($user) && (isset($user->auth_type) && $this->ldapConfig['label_internal'] === $user->auth_type || !isset($user->auth_type))) {
$plain = $credentials['password'];
$credentialsValidated = $this->hasher->check($plain, $user->getAuthPassword());
} else {
if ($this->ldapConfig['enabled'] && $this->ldapConfig['label_ldap'] === $user->auth_type) {
// Validate credentials against LDAP/AD server.
$credentialsValidated = $this->validateLDAPCredentials($credentials);
// If validated and config set to resync group membership on login.
if ($credentialsValidated && $this->ldapConfig['resync_on_login']) {
// First, revoke membership to all groups marked to 'resync_on_login'.
$this->revokeMembership($user);
// Then replicate group membership.
$this->replicateMembershipFromLDAP($user);
}
}
}
return $credentialsValidated;
}
/**
* 비회원 작성 글 인증 확인
*
* @param Board $board board model
* @param string $email email
* @param string $certifyKey 인증 암호
* @return bool
*/
public function verify(Board $board, $email, $certifyKey)
{
if ($email != $board->email) {
return false;
}
return $this->hasher->check($certifyKey, $board->certifyKey);
}
public function changePassword(ChangePasswordRequest $request, Auth $auth, Hasher $hash)
{
$user = $auth->user();
if ($hash->check($request->password, $user->password) == false) {
return redirect('changePassword')->withErrors('Senha atual incorreta.');
}
$user->password = $hash->make($request->new_password);
$user->save();
return redirect('/');
}
/**
* Delete account
*
* @param User $user
* @param array $data
* @return bool
*/
public function delete(User $user, array $data)
{
if (!$this->hasher->check($data['password'], $user->password)) {
return false;
}
if ($this->userRepo->delete($user)) {
event(new UserWasDeleted($user));
return true;
}
return false;
}
/**
* Check the given plain value against a hash.
*
* @param string $value
* @param string $hashedValue
* @param array $options
*
* @return bool
*/
public function check($value, $hashedValue, array $options = [])
{
// First, we are optimistic and try to use the target hasher.
if ($this->targetHasher->check($value, $hashedValue, $options)) {
return true;
}
// Otherwise, we attempt to check if it passes any supported hasher.
$match = false;
Std::each(function (Hasher $hasher) use($value, $hashedValue, $options, &$match) {
if ($hasher->check($value, $hashedValue, $options)) {
$match = true;
}
}, $this->supportedHashers);
return $match;
}
/**
* Validate a user against the given credentials.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param array $credentials
* @return bool
*/
public function validateCredentials(Authenticatable $user, array $credentials)
{
$credentials = self::initCredentials($credentials);
/**
* 第三方登录不验证credential, 本地用户验证密码
*/
if (in_array($credentials['type'], ['email', 'username', 'phone'])) {
$userAuth = UserAuth::where('user_id', $user->id)->where('type', $credentials['type'])->first();
if ($this->hasher->check($credentials['credential'], $userAuth->credential)) {
$userAuth->touch();
return true;
} else {
return false;
}
} else {
return true;
}
}
/**
* Validate a user against the given credentials.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param array $credentials
* @return bool
*/
public function validateCredentials(UserContract $user, array $credentials)
{
$plain = $credentials['password'];
return $this->hasher->check($plain, $user->getAuthPassword());
}
/**
* Check if a given password matches the user's password.
*
* @param string $password
* @return boolean
*/
public function checkPassword($password)
{
return static::$hasher->check($password, $this->password);
}
/**
* Validate a user against the given credentials.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param array $credentials
*
* @return bool
*/
public function validateCredentials(AuthenticatableContract $user, array $credentials)
{
return $this->hasher->check($credentials['password'], $user->getAuthPassword());
}
/**
* Validates the authenticated user's password
*
* @param $user_password
* @return bool
*/
public function confirmPassword($user_password)
{
$current_password = $this->user->getAuthPassword();
$status = $this->hasher->check($user_password, $current_password);
return $status;
}
/**
* Validate a user against the given credentials.
*
* @param Authenticatable $user
* @param array $credentials
* @return bool
*/
public function validateCredentials(Authenticatable $user, array $credentials)
{
$password = $credentials['password'];
return $this->hasher->check($password, $user->getAuthPassword());
}
/**
* Check if a given password matches the user's password.
*
* @param string $password
* @return bool
*/
public function checkPassword($password)
{
$valid = static::$dispatcher->until(new CheckUserPassword($this, $password));
if ($valid !== null) {
return $valid;
}
return static::$hasher->check($password, $this->password);
}
/**
* @param Request $request
* @param Hasher $hasher
* @return \Illuminate\Http\JsonResponse
*/
public function changePassword(Request $request, Hasher $hasher)
{
/** @var User $user */
$user = $request->user('api');
$validator = $this->getValidationFactory()->make($request->all(), ['current' => 'required', 'password' => 'required|confirmed|min:6|different:current']);
if ($validator->fails()) {
return response()->json(['error' => $validator->errors()]);
}
if (!$hasher->check($request->get('current'), $user->getAuthPassword())) {
return response()->json(['error' => 'Invalid Credentials']);
}
$user->setAttribute('password', $request->get('password'));
$user->save();
return response()->json(['status' => 'Password changed successfully']);
}
