/**
 * Populate the form fields and, for a POST carrying credentials, authenticate.
 *
 * After delegating to the parent, the submitted username and password are
 * entity-decoded and handed to $auth. Each rejection path attaches a
 * Validator\NotEqual to the password element; the validator is given the
 * submitted password itself, so the field presumably always fails and shows
 * the message (confirm against Validator\NotEqual).
 *
 * The "not verified", "blocked" and "not allowed to login" messages are only
 * reachable once $auth->isValid() is true, so they describe account state
 * only to a caller who already supplied accepted credentials.
 *
 * @param  array $values Field values passed to the parent implementation.
 * @param  Auth  $auth   Authentication service; nothing is checked when null.
 * @return Login
 */
public function setFieldValues(array $values = null, Auth $auth = null)
{
    parent::setFieldValues($values);

    // Guard: authenticate only for a non-empty POST with both credentials and an Auth object.
    if (!$_POST || null === $this->username || null === $this->password || null === $auth) {
        return $this;
    }

    // Credentials are entity-decoded first, presumably because the parent
    // stores them HTML-encoded (TODO confirm in parent::setFieldValues).
    $auth->authenticate(
        html_entity_decode($this->username, ENT_QUOTES, 'UTF-8'),
        html_entity_decode($this->password, ENT_QUOTES, 'UTF-8')
    );

    // The first failing check, in the original order, decides the message.
    $failure = null;
    if (!$auth->isValid()) {
        $failure = 'The login was not correct.';
    } elseif (!$auth->adapter()->getUser()->verified) {
        $failure = 'That user is not verified.';
    } elseif (!$auth->adapter()->getUser()->active) {
        $failure = 'That user is blocked.';
    }

    if (null !== $failure) {
        $this->getElement('password')->addValidator(new Validator\NotEqual($this->password, $failure));
        return $this;
    }

    // Credentials accepted: consult the user's role for an explicit login deny rule.
    $role = Table\Roles::findById($auth->adapter()->getUser()->role_id);
    if (!isset($role->id) || null === $role->permissions) {
        return $this;
    }

    // NOTE(review): unserialize() instantiates any class named in the stored
    // string, so this is an object-injection sink if the permissions value can
    // ever be written by a less-trusted party. Storing JSON, or on PHP >= 7.0
    // passing ['allowed_classes' => false], removes that exposure.
    $permissions = unserialize($role->permissions);
    if (!isset($permissions['deny'])) {
        return $this;
    }

    foreach ($permissions['deny'] as $denied) {
        // Loose comparison kept from the original; on PHP < 8 a non-string
        // value such as integer 0 would also compare equal to 'login'.
        if ($denied['resource'] == 'login') {
            $this->getElement('password')->addValidator(
                new Validator\NotEqual($this->password, 'That user is not allowed to login.')
            );
        }
    }

    return $this;
}
/**
 * Populate the form fields and, for a POST carrying credentials, authenticate.
 *
 * After delegating to the parent, the submitted username and password are
 * entity-decoded and handed to $auth. Each rejection path attaches a
 * Validator\NotEqual to the password element; the validator is given the
 * submitted password itself, so the field presumably always fails and shows
 * the message (confirm against Validator\NotEqual).
 *
 * The "not verified" and "blocked" messages are only reachable once
 * $auth->isValid() is true, so they describe account state only to a caller
 * who already supplied accepted credentials.
 *
 * @param  array $values Field values passed to the parent implementation.
 * @param  Auth  $auth   Authentication service; nothing is checked when null.
 * @return Login
 */
public function setFieldValues(array $values = null, Auth $auth = null)
{
    parent::setFieldValues($values);

    // Guard: authenticate only for a non-empty POST with both credentials and an Auth object.
    if (!$_POST || null === $this->username || null === $this->password || null === $auth) {
        return $this;
    }

    // Credentials are entity-decoded first, presumably because the parent
    // stores them HTML-encoded (TODO confirm in parent::setFieldValues).
    $auth->authenticate(
        html_entity_decode($this->username, ENT_QUOTES, 'UTF-8'),
        html_entity_decode($this->password, ENT_QUOTES, 'UTF-8')
    );

    // The first failing check, in the original order, decides the message.
    $failure = null;
    if (!$auth->isValid()) {
        $failure = 'The login was not correct.';
    } elseif (!$auth->adapter()->getUser()->verified) {
        $failure = 'That user is not verified.';
    } elseif (!$auth->adapter()->getUser()->active) {
        $failure = 'That user is blocked.';
    }

    if (null !== $failure) {
        $this->getElement('password')->addValidator(new Validator\NotEqual($this->password, $failure));
    }

    return $this;
}
/**
 * Authentication against the file adapter must be rejected in each of the
 * MD5, SHA1 and CRYPT encryption modes for the credentials used here.
 *
 * Only the rejection path is asserted; presumably tmp/access.txt does not
 * hold 'testuser1' in a form these modes would match (TODO confirm fixture).
 * MD5 and SHA-1 are fast, unsalted digests and are not suitable for storing
 * passwords in new deployments; the fixed salt below is a test value only.
 */
public function testPasswordEncryption()
{
    $accessFile = __DIR__ . '/../tmp/access.txt';

    // MD5 mode
    $md5Auth = new Auth(new File($accessFile), Auth::ENCRYPT_MD5);
    $md5Auth->authenticate('testuser1', '12test34');
    $this->assertFalse($md5Auth->isValid());
    unset($md5Auth);

    // SHA1 mode
    $sha1Auth = new Auth(new File($accessFile), Auth::ENCRYPT_SHA1);
    $sha1Auth->authenticate('testuser1', '12test34');
    $this->assertFalse($sha1Auth->isValid());
    unset($sha1Auth);

    // CRYPT mode with an explicit salt option
    $cryptOptions = array('salt' => 'abcdefg');
    $cryptAuth = new Auth(new File($accessFile), Auth::ENCRYPT_CRYPT, $cryptOptions);
    $cryptAuth->authenticate('testuser1', '12test34');
    $this->assertFalse($cryptAuth->isValid());
}
<?php

require_once '../../bootstrap.php';

use Pop\Auth;

// Example: authenticate one user against a file-based credential store using
// the CRYPT mode, with an attempt limit and an IP allow-list applied.
try {
    // Credentials to check (masked in this listing)
    $username = '******';
    $password = '******';

    // File adapter over the access file, wrapped by the auth object
    $adapter = new Auth\Adapter\File('../assets/files/access-crypt.txt');
    $auth    = new Auth\Auth($adapter, Auth\Auth::ENCRYPT_CRYPT);

    // NOTE(review): the attempt count is a literal here; for the limit to
    // mean anything in a real application it presumably has to come from
    // server-side state kept per account or per client (confirm how
    // setAttempts is meant to be fed).
    $auth->setAttemptLimit(3)
         ->setAttempts(2)
         ->setAllowedIps('127.0.0.1')
         ->authenticate($username, $password);

    $resultLine = $auth->getResultMessage() . '<br /> ' . PHP_EOL;
    echo $resultLine;

    // Check if the auth attempt is valid
    if ($auth->isValid()) {
        // The user is valid so do top-secret stuff
    }
} catch (\Exception $e) {
    // Demo output only: outside an example, log the exception server-side
    // and show a generic message, since the text may expose paths or internals.
    echo $e->getMessage() . PHP_EOL . PHP_EOL;
}