/**
 * A stored pass code that differs from the submitted one must be rejected
 * with the generic invalid-credentials failure.
 *
 * The submitted value is 40 random hex characters, so it can never
 * accidentally equal the stubbed stored value 'nope'.
 */
public function it_errors_on_invalid_passCode(Token $token) {
    $tokenId   = Uuid::uuid4();
    $submitted = bin2hex(random_bytes(20));
    $stored    = 'nope';

    $this->tokenRepository->getByUuid($tokenId)->willReturn($token);
    $token->getPassCode()->willReturn($stored);

    $expectedFailure = LoginFailedException::invalidCredentials();
    $this->shouldThrow($expectedFailure)->duringGetToken($tokenId, $submitted);
}
/**
 * Check a plaintext password against the user's stored hash and, when the
 * check passes, transparently upgrade the stored hash if it no longer
 * matches the configured algorithm/options.
 *
 * A mismatch reports the same generic invalid-credentials failure used for
 * the other credential errors in this service.
 *
 * @throws LoginFailedException when the password does not verify
 */
private function verifyPassword(User $user, string $password) {
    $storedHash = $user->getPassword();

    if (password_verify($password, $storedHash) === false) {
        throw LoginFailedException::invalidCredentials();
    }

    // This is the only point where the plaintext is available, so a hash
    // upgrade (new algorithm or changed cost) has to happen here.
    $needsUpgrade = password_needs_rehash($storedHash, $this->algorithm, $this->passwordOptions);
    if (!$needsUpgrade) {
        return;
    }

    $upgradedHash = password_hash($password, $this->algorithm, $this->passwordOptions);
    $user->setPassword($upgradedHash);
    $this->userRepository->update($user);
}
/**
 * Resolve a token by its uuid and authenticate the submitted pass code
 * against it.
 *
 * Failure modes, in the order they are checked:
 *  - lookup raises NoUniqueResultException -> invalidToken (lookup exception
 *    chained as previous)
 *  - pass code mismatch                    -> invalidCredentials
 *  - token expiry earlier than now         -> invalidToken
 *
 * NOTE(review): the stored pass code is compared directly against the
 * submitted one, i.e. it is kept in the repository in a recoverable form
 * rather than as a hash, so a leak of the token store exposes usable
 * credentials. Confirm that is the intended trade-off for this token type.
 *
 * @throws LoginFailedException
 */
public function getToken(UuidInterface $uuid, string $passCode) : Token {
    try {
        $stored = $this->tokenRepository->getByUuid($uuid);
    } catch (NoUniqueResultException $lookupFailure) {
        throw LoginFailedException::invalidToken($lookupFailure);
    }

    // hash_equals() keeps the comparison constant-time so the position of
    // the first differing byte is not observable through timing.
    $passCodeMatches = hash_equals($stored->getPassCode(), $passCode);
    if ($passCodeMatches === false) {
        throw LoginFailedException::invalidCredentials();
    }

    // Expiry is checked only after the pass code matched, so an expired
    // token with a wrong pass code still reports invalidCredentials.
    $now = new \DateTimeImmutable();
    if ($stored->getExpires() < $now) {
        throw LoginFailedException::invalidToken();
    }

    return $stored;
}
/**
 * Logging in with a password that does not verify against the user's stored
 * bcrypt hash must fail with the generic invalid-credentials error.
 *
 * The stored hash is built (cost 10) from a different plaintext than the one
 * submitted, so password_verify() is guaranteed to reject it.
 */
public function it_errors_on_invalid_password(User $user) {
    $email    = '*****@*****.**';
    $password = '******';

    $lookup = $this->userRepository->getByEmailAddress(EmailAddress::get($email));
    $lookup->willReturn($user);

    $unrelatedHash = password_hash('no.you.shut.up.r2', PASSWORD_BCRYPT, ['cost' => 10]);
    $user->getPassword()->willReturn($unrelatedHash);

    $this->shouldThrow(LoginFailedException::invalidCredentials())
         ->duringLogin($email, $password);
}