/**
* Verify a password.
*
* @param string $password
* @param string $hash
* @param UserModel $user
*
* @return boolean
*/
public function verifyPassword($password, $hash, $user = null)
{
if (strlen($hash) === 0) {
return $this->legacyService->checkPassword($user, $password, $this->bcrypt);
}
if ($this->bcrypt->verify($password, $hash)) {
return true;
}
return false;
}
public function postLogin(Request $request, Application $app)
{
$data = $request->request->all();
if (!isset($data['email']) || !isset($data['password'])) {
$app['session']->getFlashBag()->add('message', 'Email e/ou senha inválidos!');
return $app->redirect('/');
}
$user = $app['orm.em']->getRepository('Orcamentos\\Model\\User')->findOneBy(array('email' => $data['email']));
if (!$user) {
$app['session']->getFlashBag()->add('message', 'Usuário inválido!');
return $app->redirect('/');
}
$bcrypt = new Bcrypt();
$valid = $bcrypt->verify($data['password'], $user->getPassword());
if (!$valid) {
$app['session']->getFlashBag()->add('message', 'Email e/ou senha inválidos!');
return $app->redirect('/');
}
$app['session']->set('email', $data['email']);
$app['session']->set('isAdmin', $user->getAdmin());
$app['session']->set('companyId', $user->getCompany()->getId());
$app['session']->set('companyLogotype', $user->getCompany()->getLogotype());
$app['session']->set('companyName', $user->getCompany()->getName());
if ($user->getAdmin()) {
return $app->redirect('/');
}
return $app->redirect('/project');
}
public static function validate($user, $passwordGiven)
{
$passwordHash = $user->getPassword();
$passwordBcrypt = new Bcrypt();
$result = $passwordBcrypt->verify($passwordGiven, $passwordHash);
return $result;
}
public function indexAction()
{
if (@$_SESSION['user']['Logged'] == 1 || @$_SESSION['user']['Level'] == 1) {
return $this->redirect()->toRoute('application');
}
$userContainer = new Container('user');
$userContainer->Logged;
$userContainer->Level;
$userContainer->Nom;
$userContainer->Prenom;
$form = new AuthForm();
$request = $this->getRequest();
if ($request->isPost()) {
$bcrypt = new Bcrypt();
$User = new User();
$User->user_login = $request->getPost('login');
$User->user_password = $request->getPost('motdepasse');
$UserO = $this->getUserTable()->getVerificationAuth($User->user_login);
if ($UserO == true) {
$securepass = $UserO->user_password;
if ($bcrypt->verify($User->user_password, $securepass)) {
$userContainer->Nom = $UserO->user_nom;
$userContainer->Prenom = $UserO->user_prenom;
$userContainer->Userid = $UserO->user_id;
$userContainer->Logged = 1;
$userContainer->Level = $UserO->user_droit;
return $this->redirect()->toRoute('application');
} else {
return array('form' => $form, 'erreur' => 'Mauvais Login ou Mauvais Mot de passe');
}
}
}
return array('form' => $form);
}
public function cleanerAction()
{
$form = new CleanerForm();
$form->setAttribute('method', 'POST');
$repo = array();
$request = $this->getRequest();
if ($request->isPost()) {
$data = $request->getPost();
#test cipher
$blockCipher = BlockCipher::factory('mcrypt', array('algo' => 'aes', 'hash' => 'sha512'));
$blockCipher->setKey('DA$#3434fsa432dfef32327');
$hash = 'f19f8bf56c4f61b6b2ca51e4cd5973faa5a165e4db6ad7aae0f065463ba2330fx2kZPSH5xCnLy48nVPWnprIh601be0H2Quh2o88oCws=';
#\Zend\Debug\Debug::dump($blockCipher->decrypt($hash));
#test bcrypt
$bcrypt = new Bcrypt();
$hash = $bcrypt->create('xxx');
$hash = '$2y$10$HQORKaG/QUWk.wJGj9lPuOHLTrm11pRdSSBDP.L2JVrAkCid7W5O.';
#get git data
$pwd = $request->getPost()['pwd'];
$hour = $request->getPost()['hour'];
if ($bcrypt->verify($pwd, $hash) && is_numeric($hour)) {
$this->getActionLogTable()->deleteOlderThan($hour);
$result['message'] = 'OK';
} else {
$result['message'] = 'Error. Passwd or Hour are not valid.';
}
}
$result['form'] = $form;
return new ViewModel($result);
}
public function authenticate($username, $password)
{
$callback = function ($password, $hash) {
$bcrypt = new Bcrypt();
return $bcrypt->verify($hash, $password);
};
$authenticationService = new AuthenticationService();
$callbackCheckAdapter = new CallbackCheckAdapter($this->dbAdapter, "users", 'username', 'password', $callback);
$callbackCheckAdapter->setIdentity($username)->setCredential($password);
$authenticationService->setAdapter($callbackCheckAdapter);
$authResult = $authenticationService->authenticate();
if ($authResult->isValid()) {
$userObject = $callbackCheckAdapter->getResultRowObject();
$authenticationService->getStorage()->write($userObject);
if ($userObject->status == 0) {
$authenticationService->clearIdentity();
$this->setCode(-5);
return false;
} else {
return true;
}
} else {
$this->setCode($authResult->getCode());
return false;
}
}
/**
* Performs an authentication attempt
*
* @return \Zend\Authentication\Result
* @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface If authentication cannot be performed
*/
public function authenticate()
{
if (empty($this->_username) || empty($this->_password)) {
// throw new \Zend\Authentication\Adapter\Exception();
}
if (is_null($this->_dm)) {
throw new \Exception('Document Manager is null');
}
$query = $this->_dm->createQueryBuilder('MoveIn4User\\Document\\UserDocument');
$query->field('userName')->equals((string) $this->_username);
// $query->field ( 'password' )->equals ((string) $this->_password );
$query->field('active')->equals(true);
$query->field('deleted')->equals(false);
$users = $query->getQuery()->execute();
if (count($users) === 0) {
return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
} else {
foreach ($users as $user) {
$bcrypt = new Bcrypt();
if ($bcrypt->verify((string) $this->_password, $user->getPassword()) and $user->getInstance()->getDeleted() === false) {
return new Result(Result::SUCCESS, array('username' => $user->getUserName(), 'firstName' => $user->getFirstName(), 'surname' => $user->getSurname(), 'defaultLanguage' => $user->getInstance()->getDefaultLanguage(), 'id' => $user->getId()));
}
return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
}
}
}
public function authenticate(AuthEvent $e)
{
if ($this->isSatisfied()) {
$storage = $this->getStorage()->read();
$e->setIdentity($storage['identity'])->setCode(AuthenticationResult::SUCCESS)->setMessages(array('Authentication successful.'));
return;
}
$identity = $e->getRequest()->getPost()->get('identity');
$credential = $e->getRequest()->getPost()->get('credential');
$credential = $this->preProcessCredential($credential);
$userObject = null;
// Cycle through the configured identity sources and test each
$fields = $this->getOptions()->getAuthIdentityFields();
while (!is_object($userObject) && count($fields) > 0) {
$mode = array_shift($fields);
switch ($mode) {
case 'username':
$userObject = $this->getMapper()->findByUsername($identity);
break;
case 'email':
$userObject = $this->getMapper()->findByEmail($identity);
break;
}
}
if (!$userObject) {
$e->setCode(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND)->setMessages(array('A record with the supplied identity could not be found.'));
$this->setSatisfied(false);
return false;
}
if ($this->getOptions()->getEnableUserState()) {
// Don't allow user to login if state is not in allowed list
if (!in_array($userObject->getState(), $this->getOptions()->getAllowedLoginStates())) {
$e->setCode(AuthenticationResult::FAILURE_UNCATEGORIZED)->setMessages(array('A record with the supplied identity is not active.'));
$this->setSatisfied(false);
return false;
}
}
$bcrypt = new Bcrypt();
$bcrypt->setCost($this->getOptions()->getPasswordCost());
if (!$bcrypt->verify($credential, $userObject->getPassword())) {
// Password does not match
$e->setCode(AuthenticationResult::FAILURE_CREDENTIAL_INVALID)->setMessages(array('Supplied credential is invalid.'));
$this->setSatisfied(false);
return false;
}
// regen the id
$session = new SessionContainer($this->getStorage()->getNameSpace());
$session->getManager()->regenerateId();
// Success!
$e->setIdentity($userObject->getId());
// Update user's password hash if the cost parameter has changed
$this->updateUserPasswordHash($userObject, $credential, $bcrypt);
$this->setSatisfied(true);
$storage = $this->getStorage()->read();
$storage['identity'] = $e->getIdentity();
$this->getStorage()->write($storage);
$e->setCode(AuthenticationResult::SUCCESS)->setMessages(array('Authentication successful.'));
}
public function verifyCredentials()
{
$this->user = $this->gateway->findByUsername($this->username);
if ($this->user) {
$bcrypt = new Bcrypt();
return $bcrypt->verify($this->password, $this->user->password);
}
return false;
}
public function authenticate()
{
$bcrypt = new Bcrypt();
if ($bcrypt->verify($this->getCredential(), $this->userApi->getPasswordByUserId($this->getIdentity()))) {
$code = Result::SUCCESS;
} else {
$code = Result::FAILURE;
}
return new Result($code, $this->getIdentity());
}
private function verifyPasswordHash($query)
{
if ($row = $query->fetch()) {
$bcrypt = new Bcrypt();
if ($bcrypt->verify($this->password, $row['password'])) {
return $row['userid'];
}
}
return false;
}
public function login(string $email, string $password) : bool
{
$user = $this->userService->findByEmail($email);
if ($user instanceof UserInterface) {
$bcrypt = new Bcrypt();
if ($bcrypt->verify($password, $user->getPassword())) {
return $this->validationStorageAdapter->create($email);
}
}
return false;
}
/**
* This method inspects the request and routes the data
* to the correct method
*
* @return void
*/
public function create($data)
{
$usersTable = $this->getUsersTable();
$user = $usersTable->getByUsername($data['username']);
$bcrypt = new Bcrypt();
if (!empty($user) && $bcrypt->verify($data['password'], $user->password)) {
$result = new JsonModel(array('result' => true, 'errors' => null));
} else {
$result = new JsonModel(array('result' => false, 'errors' => 'Invalid Username or password'));
}
return $result;
}
public function verify($password, $hash)
{
if ($this->method == 'md5') {
return $hash == md5($this->salt . $password);
} elseif ($this->method == 'sha1') {
return $hash == sha1($this->salt . $password);
} elseif ($this->method == 'bcrypt') {
$bcrypt = new Bcrypt();
$bcrypt->setCost(14);
return $bcrypt->verify($password, $hash);
}
}
function login($email, $password)
{
$CI =& get_instance();
$sql = "SELECT user_id,user_password, role_id, employee_name, a.branch_id, branch_name \n\t \t\tFROM (\n\t \t\t\tSELECT user_id,user_password, role_id, employee_name, branch_id\n\t\t \t\tFROM cx_users u \n\t\t \t\tINNER JOIN cx_employees e ON e.employee_id = u.employee_id\n\t\t \t\tWHERE user_email = ? AND user_status = ?\n\t \t\t) a \n \t\tINNER JOIN cx_branch b ON b.branch_id = a.branch_id\n \t\t";
$query = $CI->db->query($sql, array($email, 1));
if ($query->num_rows() !== 1) {
return false;
} else {
// Verify Password
$bcrypt = new Bcrypt();
if ($bcrypt->verify($password, $query->row()->user_password)) {
//update the last login time
$data = array("last_login" => date("Y-m-d H-i-s"));
$CI->db->where('user_id', $query->row()->user_id);
$CI->db->update("cx_users", $data);
// Get Menu Items for the user
$sql = "SELECT menu_name, menu_link,section_id, is_hidden, class_method FROM cx_permissions\n\t\t\t\t\tINNER JOIN cx_menus ON cx_permissions.menu_id = cx_menus.menu_id\n\t\t\t\t\tWHERE role_id = ?";
$result = $CI->db->query($sql, array($query->row()->role_id));
$menu_items = array();
if ($result->num_rows() > 0) {
foreach ($result->result() as $row) {
// Get Module Names
$sql = "SELECT module_name FROM cx_sections\n\t\t\t\t\t\t\tLEFT JOIN cx_modules ON cx_modules.module_id = cx_sections.parent_module_id\n\t\t\t\t\t\t\tWHERE section_id = ?";
$QueryResult = $CI->db->query($sql, array($row->section_id));
// Generate the array for Navigation Menu for the user
if ($QueryResult->num_rows() > 0) {
foreach ($QueryResult->result() as $rows) {
if ($row->is_hidden == 0) {
$menu_items[$rows->module_name][] = array("menuName" => $row->menu_name, "menuLink" => $row->menu_link);
}
}
}
$permissions[] = trim($row->class_method);
}
}
//store user information in the session
$CI->session->set_userdata("user_id", $query->row()->user_id);
$CI->session->set_userdata("role_id", $query->row()->role_id);
$CI->session->set_userdata("user_name", $query->row()->employee_name);
$CI->session->set_userdata("branch_id", $query->row()->branch_id);
$CI->session->set_userdata("branch_name", $query->row()->branch_name);
$CI->session->set_userdata("left_menus", $menu_items);
$CI->session->set_userdata("permissions", $permissions);
return TRUE;
} else {
return FALSE;
// Password did not match
}
}
}
/**
* Performs an authentication attempt
*
* @return \Zend\Authentication\Result
* @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface
* If authentication cannot be performed
*/
public function authenticate()
{
$credential = $this->getCredential();
$identity = $this->getIdentity();
$userObject = $this->getUserObject();
$bcrypt = new Bcrypt();
$bcrypt->setCost(14);
if (!$bcrypt->verify($this->getCredential(), $userObject->getPassword())) {
// Password does not match
return false;
}
$this->updateIdentity($userObject);
return $this->getAuthResult(AuthenticationResult::SUCCESS, $userObject->getEmail());
}
/**
* {@inheritdoc}
*/
public function authenticate()
{
$users = $this->repository->findBy(array('email' => $this->getIdentity()));
if (empty($users)) {
return new AuthenticationResult(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND, null, array('Authentication failure.'));
}
$bcrypt = new Bcrypt();
$bcrypt->setCost($this->options->getBCryptCost());
foreach ($users as $user) {
if ($bcrypt->verify($this->getCredential(), $user->getPassword())) {
return new AuthenticationResult(AuthenticationResult::SUCCESS, $user, array('Authentication successful.'));
}
}
return new AuthenticationResult(AuthenticationResult::FAILURE_CREDENTIAL_INVALID, null, array('Authentication failure.'));
}
public function authenticate()
{
/** @var \NightsWatch\Entity\User $user */
$user = $this->entityManager->getRepository('NightsWatch\\Entity\\User')->findOneBy(['username' => $this->username]);
$bcrypt = new Bcrypt();
if (is_null($user)) {
return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, [], ['No Such User']);
} elseif (!$bcrypt->verify($this->password, $user->password)) {
return new Result(Result::FAILURE_CREDENTIAL_INVALID, [], ['Invalid Password']);
} elseif ($user->banned) {
return new Result(-5, [], ['Account Banned']);
} else {
return new Result(Result::SUCCESS, $user->id, []);
}
}
/**
* Verifies if the password is correct
* @param string $password
* @param string $hash
* @param timestamp timestamp
* @return boolean
*/
public function verify($password, $hash, $timestamp)
{
$salt = $this->generateSalt($timestamp);
//\Zend\Debug\Debug::dump(md5($salt . $password), $label = null, $echo = true);
//\Zend\Debug\Debug::dump($this->salt, $label = null, $echo = true);
if ($this->method == 'md5') {
return $hash == md5($salt . $password);
} elseif ($this->method == 'sha1') {
return $hash == sha1($salt == 'sha1');
} elseif ($this->method == 'bcrypt') {
$bcrypt = new Bcrypt();
$bcrypt->setCost(14);
return $bcrypt->verify($password, $hash, $timestamp);
}
}
public function prepareAuthBcrypt($username, $password)
{
if ($this->username === $username) {
$bcrypt = new Bcrypt();
$login = $bcrypt->verify($this->password, $password);
var_dump($login);
die;
if ($login) {
$result = $this->authenticate();
return $result;
} else {
\Zend\Debug\Debug::dump('logowanie nie powiodło się ' . $this->username);
}
}
}
/**
* Execute login:
* -return true if successful
*
* @param String $email
* @param String $password
* @return boolean
*/
public function login($email, $password)
{
$bcrypt = new Bcrypt();
$adapter = $this->sm->get('Zend\\Db\\Adapter\\Adapter');
$selectString = 'select * from users_table where email="' . $email . '"';
$results = $adapter->query($selectString, $adapter::QUERY_MODE_EXECUTE)->toArray()[0];
// throw new \Exception($results['password']);
$logged = $bcrypt->verify($password, $results['password']);
if ($logged) {
// throw new \Exception(serialize($results));
return new User($results);
} else {
return null;
}
}
/**
* Returns the contents of storage
*
* Behavior is undefined when storage is empty.
*
* @throws \Zend\Authentication\Exception\ExceptionInterface
* If reading contents from storage is impossible
* @return mixed
*/
public function read()
{
if (empty($_COOKIE['userId']) || empty($_COOKIE['cs'])) {
return null;
}
$user = $this->getUserMapper()->getById($_COOKIE['userId']);
if (!$user) {
return null;
}
$bcrypt = new Bcrypt();
if ($bcrypt->verify($user->email . $user->password, $_COOKIE['cs'])) {
return $user;
}
$this->clear();
return null;
}
/**
* {@inheritDoc}
*/
public function authenticate()
{
//先尝试手机登陆
$er = $this->em->getRepository('Site\\Entity\\UserEntity');
$user = $er->findOneBy(array('mobile' => $this->username));
if (!$user) {
return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, 0);
}
if ($this->checkPassword) {
$bcrypt = new Bcrypt();
if (!$bcrypt->verify($this->password, $user->password)) {
return new Result(Result::FAILURE_CREDENTIAL_INVALID, 0);
}
}
$result = new Result(Result::SUCCESS, $user);
return $result;
}
/**
* Check if the password is Bcrypt verified.
*
* @param array $resultIdentity
*
* @return Result
*/
public function authenticateValidateResult($resultIdentity)
{
if (!$resultIdentity || !isset($resultIdentity['password'])) {
$this->authenticateResultInfo['code'] = Result::FAILURE_IDENTITY_NOT_FOUND;
$this->authenticateResultInfo['messages'][] = 'Supplied identity does not exist.';
return $this->authenticateCreateAuthResult();
}
$bcrypt = new Bcrypt();
if (!$bcrypt->verify($this->credential, $resultIdentity['password'])) {
$this->authenticateResultInfo['code'] = Result::FAILURE_CREDENTIAL_INVALID;
$this->authenticateResultInfo['messages'][] = 'Supplied credential is invalid.';
return $this->authenticateCreateAuthResult();
}
$this->resultRow = $resultIdentity;
$this->authenticateResultInfo['code'] = Result::SUCCESS;
$this->authenticateResultInfo['messages'][] = 'Authentication successful.';
return $this->authenticateCreateAuthResult();
}
/**
* This method inspects the request and routes the data
* to the correct method
*
* @return void
*/
public function create($data)
{
$usersTable = $this->getUsersTable();
$user = $usersTable->getByUsername($data['username']);
$bcrypt = new Bcrypt();
if (!empty($user) && $bcrypt->verify($data['password'], $user->password)) {
$storage = new Pdo($usersTable->adapter->getDriver()->getConnection()->getConnectionParameters());
$server = new Server($storage);
$server->addGrantType(new ClientCredentials($storage));
$response = $server->handleTokenRequest(Request::createFromGlobals());
if (!$response->isSuccessful()) {
$result = new JsonModel(array('result' => false, 'errors' => 'Invalid oauth'));
}
return new JsonModel($response->getParameters());
} else {
$result = new JsonModel(array('result' => false, 'errors' => 'Invalid Username or password'));
}
return $result;
}
/**
* _authenticateQuerySelect() - This method accepts a Zend\Db\Sql\Select object and
* performs a query against the database with that object.
*
* @param Sql\Select $dbSelect
* @throws \RuntimeException when an invalid select object is encountered
* @return array
*/
protected function authenticateQuerySelect(Sql\Select $dbSelect)
{
$sql = new Sql\Sql($this->zendDb);
$statement = $sql->prepareStatementForSqlObject($dbSelect);
try {
$result = $statement->execute();
$resultIdentities = [];
// create object ob Bcrypt class
$bcrypt = new Bcrypt();
// iterate result, most cross platform way
foreach ($result as $row) {
if ($bcrypt->verify($this->credential, $row[$this->credentialColumn])) {
$row['zend_auth_credential_match'] = 1;
$resultIdentities[] = $row;
}
}
} catch (\Exception $e) {
throw new \RuntimeException('The supplied parameters to DbTable failed to ' . 'produce a valid sql statement, please check table and column names ' . 'for validity.', 0, $e);
}
return $resultIdentities;
}
/**
* Function to validate login form
* @param Array $data
* @param Object $loginForm
* @return TRUE
* */
public function validateForm($data, $loginForm)
{
$user = new User();
$bcrypt = new Bcrypt();
$userTable = $this->getServiceLocator()->get('UserTable');
$shopkeeperTable = $this->getServiceLocator()->get('ShopkeeperTable');
$userRoleTable = $this->getServiceLocator()->get('UserRoleTable');
$user = $userTable->getOne(array('aufri_users_email' => $data['email']));
$userPassword = $user->getUserPassword();
if (!empty($user) && !empty($data['password'])) {
if ($bcrypt->verify($data['password'], $userPassword)) {
$this->updateSessionWithUser($user, false);
//if($role === 1) {
return $this->redirect()->toRoute('admin_home');
//} else if($role === 2) {
// return $this->redirect()->toRoute('shopkeeper_home');
//}
}
} else {
$this->setErrorMessage('Invalid login credentials');
}
}
/**
* Performs an authentication attempt
*
* @return \Zend\Authentication\Result
* @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface If authentication cannot be performed
*/
public function authenticate()
{
$em = $this->getEntityManager();
$repo = $em->getRepository($this->entityName);
$identity = $this->getIdentity();
$userObject = $repo->findOneBy(array('username' => $identity));
if (!$userObject) {
$authCode = AuthResult::FAILURE_IDENTITY_NOT_FOUND;
$messages = array('A record with the supplied identity could not be found.');
return new AuthResult($authCode, $identity, $messages);
}
$bcrypt = new Bcrypt();
$bcrypt->setCost(14);
if (!$bcrypt->verify($this->getCredential(), $userObject->getPassword())) {
// Password does not match
$messages = array('Supplied credential is invalid.');
$authCode = AuthResult::FAILURE_CREDENTIAL_INVALID;
return new AuthResult($authCode, $identity, $messages);
}
$userObject->setName('IdAuth\\Adapter\\Doctrine');
$hydrator = new DoctrineObject($em, $this->entityName);
$hydrator->hydrate($userObject->getRoles(), $userObject);
return new AuthResult(AuthResult::SUCCESS, $userObject, array('Authentication Successful'));
}
/**
* Performs an authentication attempt
*
* @return \Zend\Authentication\Result
* @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface If authentication cannot be performed
*/
public function authenticate()
{
if (empty($this->_username) || empty($this->_password)) {
// throw new \Zend\Authentication\Adapter\Exception();
}
if (is_null($this->_dm)) {
throw new \Exception('Document Manager is null');
}
$query = $this->_dm->createQueryBuilder('MoveIn4AdminUser\\Document\\AdminUserDocument');
$query->field('emailAddress')->equals($this->_username);
// $query->field ( 'password' )->equals ( $this->_password );
$users = $query->getQuery()->execute();
if (count($users) === 0) {
return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
} else {
foreach ($users as $user) {
$crypt = new Bcrypt();
if ($crypt->verify((string) $this->_password, $user->getPassword())) {
return new Result(Result::SUCCESS, array('username' => $user->getEmailAddress(), 'firstName' => $user->getFirstName(), 'surname' => $user->getSurname(), 'id' => $user->getId()));
}
}
}
return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
}
/**
* Logged user change password action
*
* @author Stoyan Rangelov
* @param array $data
* @return boolean|array
*/
public function loggedChangePassword($data)
{
//Input filters
$inputFilter = new \User\InputFilter\User();
$customFilter = $inputFilter->loggedChangePassword();
$inputFilter->setInputFilter($customFilter);
$filter = $inputFilter->getInputFilter();
$filter->setData($data);
if ($filter->isValid()) {
$user = $this->getLoggedUser();
$bcrypt = new Bcrypt();
if ($bcrypt->verify($data['currentPassword'], $user->getHash())) {
$securePass = $bcrypt->create($data['password']);
$em = $this->getEntityManager();
$user->setHash($securePass)->setUpdatedAt(new \DateTime());
$em->merge($user);
$em->flush();
$result = array();
$result['status_code'] = 201;
return $result;
} else {
$result = array();
$result['status_code'] = 400;
$result['error_messages']['currentPassword']['invalidCurrentPassword'] = '******';
return $result;
}
} else {
return $this->getErrorMessages($filter);
}
}
