/**
 * Check a plaintext password against a stored hash.
 *
 * An empty stored hash selects the legacy path: the check is delegated to the
 * legacy service, which also receives the bcrypt instance.
 *
 * @param string    $password Plaintext password supplied by the caller
 * @param string    $hash     Stored hash; an empty string selects the legacy check
 * @param UserModel $user     User passed to the legacy check (may be null)
 *
 * @return boolean
 */
public function verifyPassword($password, $hash, $user = null)
{
    $hasStoredHash = strlen($hash) !== 0;

    if (!$hasStoredHash) {
        // Whatever the legacy service returns is returned unchanged.
        return $this->legacyService->checkPassword($user, $password, $this->bcrypt);
    }

    return $this->bcrypt->verify($password, $hash) ? true : false;
}
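/**
 * Handle the login form post: check the credentials and populate the session.
 *
 * Every failure path shows the same flash message, so the response text does
 * not reveal whether an e-mail address is registered.
 *
 * @param Request     $request Current request; 'email' and 'password' are read from the POST body
 * @param Application $app     Application container ('session' and 'orm.em' are used)
 *
 * @return mixed The value of $app->redirect(): '/' on failure and for admins, '/project' otherwise
 */
public function postLogin(Request $request, Application $app)
{
    $data = $request->request->all();
    $failureMessage = 'Email e/ou senha inválidos!';

    // Non-string values (e.g. email[]=x) are rejected before they reach the ORM or bcrypt.
    $hasCredentials = isset($data['email'], $data['password'])
        && is_string($data['email'])
        && is_string($data['password']);

    $user = null;
    if ($hasCredentials) {
        $user = $app['orm.em']
            ->getRepository('Orcamentos\\Model\\User')
            ->findOneBy(array('email' => $data['email']));
    }

    // NOTE(review): unknown accounts skip the bcrypt comparison, so response time
    // can still differ between "no such user" and "wrong password".
    $valid = false;
    if ($user) {
        $bcrypt = new Bcrypt();
        $valid = $bcrypt->verify($data['password'], $user->getPassword());
    }

    if (!$valid) {
        $app['session']->getFlashBag()->add('message', $failureMessage);

        return $app->redirect('/');
    }

    // Issue a fresh session id at the privilege change so an id fixed before login is not reused.
    $app['session']->migrate(true);

    $company = $user->getCompany();
    $app['session']->set('email', $data['email']);
    $app['session']->set('isAdmin', $user->getAdmin());
    $app['session']->set('companyId', $company->getId());
    $app['session']->set('companyLogotype', $company->getLogotype());
    $app['session']->set('companyName', $company->getName());

    if ($user->getAdmin()) {
        return $app->redirect('/');
    }

    return $app->redirect('/project');
}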
/**
 * Check a plaintext password against the bcrypt hash stored on a user.
 *
 * @param object $user          Object exposing getPassword(), which supplies the stored hash
 * @param string $passwordGiven Plaintext password to check
 *
 * @return mixed Result of Bcrypt::verify()
 */
public static function validate($user, $passwordGiven)
{
    $verifier = new Bcrypt();

    return $verifier->verify($passwordGiven, $user->getPassword());
}
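/**
 * Show the login form and, on POST, authenticate the submitted credentials.
 *
 * An unknown login and a wrong password produce the same response, so the form
 * does not reveal which logins exist.
 *
 * @return mixed Redirect to the 'application' route when already logged in or on
 *               success; otherwise an array with 'form' and, after a failed attempt, 'erreur'
 */
public function indexAction()
{
    // isset() replaces the @-suppressed reads; the loose comparison with 1 is kept.
    $logged = isset($_SESSION['user']['Logged']) ? $_SESSION['user']['Logged'] : null;
    $level = isset($_SESSION['user']['Level']) ? $_SESSION['user']['Level'] : null;
    if ($logged == 1 || $level == 1) {
        return $this->redirect()->toRoute('application');
    }

    $userContainer = new Container('user');
    $form = new AuthForm();
    $request = $this->getRequest();

    if (!$request->isPost()) {
        return array('form' => $form);
    }

    $failure = array('form' => $form, 'erreur' => 'Mauvais Login ou Mauvais Mot de passe');

    $login = $request->getPost('login');
    $password = $request->getPost('motdepasse');
    if (!is_string($login) || !is_string($password)) {
        return $failure;
    }

    $account = $this->getUserTable()->getVerificationAuth($login);
    if (!$account) {
        return $failure;
    }

    $bcrypt = new Bcrypt();
    if (!$bcrypt->verify($password, $account->user_password)) {
        return $failure;
    }

    // Fresh session id on login so an id obtained before authentication is not carried over.
    $userContainer->getManager()->regenerateId();

    $userContainer->Nom = $account->user_nom;
    $userContainer->Prenom = $account->user_prenom;
    $userContainer->Userid = $account->user_id;
    $userContainer->Logged = 1;
    $userContainer->Level = $account->user_droit;

    return $this->redirect()->toRoute('application');
}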
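/**
 * Show the cleaner form and, on POST, delete action-log entries older than the
 * posted 'hour' value when the posted 'pwd' matches the bcrypt hash below.
 *
 * The block cipher self-test and the throw-away bcrypt hash creation are not
 * part of this action; neither result was used. Any key that was committed
 * alongside such test code should be treated as disclosed and rotated if it is
 * used elsewhere.
 *
 * @return ViewModel View model carrying 'form' and, after a POST, 'message'
 */
public function cleanerAction()
{
    $form = new CleanerForm();
    $form->setAttribute('method', 'POST');

    $result = array();
    $request = $this->getRequest();

    if ($request->isPost()) {
        // NOTE(review): the gate for this destructive action is one shared password whose
        // hash is a literal in source; loading it from configuration outside version control
        // would allow rotation without a code change. No per-user authorization or CSRF
        // check is visible in this method — confirm it is enforced elsewhere.
        $hash = '$2y$10$HQORKaG/QUWk.wJGj9lPuOHLTrm11pRdSSBDP.L2JVrAkCid7W5O.';

        // getPost('name') yields null for a missing field instead of an undefined-index notice.
        $pwd = $request->getPost('pwd');
        $hour = $request->getPost('hour');

        $bcrypt = new Bcrypt();
        if (is_string($pwd) && is_numeric($hour) && $bcrypt->verify($pwd, $hash)) {
            $this->getActionLogTable()->deleteOlderThan($hour);
            $result['message'] = 'OK';
        } else {
            $result['message'] = 'Error. Passwd or Hour are not valid.';
        }
    }

    $result['form'] = $form;

    return new ViewModel($result);
}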
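/**
 * Authenticate a username/password pair against the "users" table.
 *
 * On failure the result code is recorded through setCode(); -5 is used for an
 * account whose status is 0.
 *
 * @param string $username Identity looked up in the 'username' column
 * @param string $password Plaintext credential checked against the 'password' column
 *
 * @return boolean True when the credentials are valid and the account status is not 0
 */
public function authenticate($username, $password)
{
    // Bcrypt::verify() takes (plaintext, hash). CallbackCheckAdapter is understood to call
    // this with (stored column value, supplied credential) — confirm against the adapter;
    // the parameter names follow that order.
    $callback = function ($storedHash, $suppliedPassword) {
        $bcrypt = new Bcrypt();

        return $bcrypt->verify($suppliedPassword, $storedHash);
    };

    $authenticationService = new AuthenticationService();
    $callbackCheckAdapter = new CallbackCheckAdapter($this->dbAdapter, 'users', 'username', 'password', $callback);
    $callbackCheckAdapter->setIdentity($username)->setCredential($password);
    $authenticationService->setAdapter($callbackCheckAdapter);

    $authResult = $authenticationService->authenticate();
    if (!$authResult->isValid()) {
        $this->setCode($authResult->getCode());

        return false;
    }

    // The password column is left out so the hash is not copied into auth storage.
    $userObject = $callbackCheckAdapter->getResultRowObject(null, array('password'));

    if ($userObject->status == 0) {
        // The service may already have stored the identity; drop it for a disabled account.
        $authenticationService->clearIdentity();
        $this->setCode(-5);

        return false;
    }

    $authenticationService->getStorage()->write($userObject);

    return true;
}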
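/**
 * Performs an authentication attempt against active, non-deleted user documents.
 *
 * Empty credentials are rejected before the database is queried. Only the
 * first document returned for the user name is checked.
 *
 * @return \Zend\Authentication\Result
 * @throws \Exception If no document manager has been set
 */
public function authenticate()
{
    if (is_null($this->_dm)) {
        throw new \Exception('Document Manager is null');
    }

    // Casting to string keeps array-shaped input from being passed to the query builder as-is.
    $username = (string) $this->_username;
    $password = (string) $this->_password;
    if ($username === '' || $password === '') {
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
    }

    $query = $this->_dm->createQueryBuilder('MoveIn4User\\Document\\UserDocument');
    $query->field('userName')->equals($username);
    $query->field('active')->equals(true);
    $query->field('deleted')->equals(false);
    $users = $query->getQuery()->execute();

    if (count($users) === 0) {
        // Same code as a wrong password, so callers cannot tell the two cases apart.
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
    }

    foreach ($users as $user) {
        $bcrypt = new Bcrypt();
        $passwordMatches = $bcrypt->verify($password, $user->getPassword());

        if ($passwordMatches && $user->getInstance()->getDeleted() === false) {
            return new Result(Result::SUCCESS, array(
                'username' => $user->getUserName(),
                'firstName' => $user->getFirstName(),
                'surname' => $user->getSurname(),
                'defaultLanguage' => $user->getInstance()->getDefaultLanguage(),
                'id' => $user->getId(),
            ));
        }

        // Deliberately stops after the first document.
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
    }

    return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
}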
/**
 * Authenticate the posted 'identity'/'credential' pair and record the outcome on the event.
 *
 * When the adapter is already satisfied the stored identity is replayed. Otherwise
 * the user is looked up through each configured identity field in turn, the account
 * state is checked when that option is enabled, and the credential is verified with
 * bcrypt. On success the session id is regenerated before the identity is stored.
 *
 * @param AuthEvent $e Event carrying the request; receives identity, code and messages
 *
 * @return false|null False on any failure; nothing on success
 */
public function authenticate(AuthEvent $e)
{
    if ($this->isSatisfied()) {
        $stored = $this->getStorage()->read();
        $e->setIdentity($stored['identity'])
            ->setCode(AuthenticationResult::SUCCESS)
            ->setMessages(array('Authentication successful.'));

        return;
    }

    $identity = $e->getRequest()->getPost()->get('identity');
    $credential = $this->preProcessCredential($e->getRequest()->getPost()->get('credential'));

    // Try each configured identity source until one yields a user object.
    $userObject = null;
    foreach ($this->getOptions()->getAuthIdentityFields() as $mode) {
        if ($mode == 'username') {
            $userObject = $this->getMapper()->findByUsername($identity);
        } elseif ($mode == 'email') {
            $userObject = $this->getMapper()->findByEmail($identity);
        }

        if (is_object($userObject)) {
            break;
        }
    }

    if (!$userObject) {
        $e->setCode(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND)
            ->setMessages(array('A record with the supplied identity could not be found.'));
        $this->setSatisfied(false);

        return false;
    }

    // Accounts whose state is outside the allowed list may not log in.
    if ($this->getOptions()->getEnableUserState()
        && !in_array($userObject->getState(), $this->getOptions()->getAllowedLoginStates())
    ) {
        $e->setCode(AuthenticationResult::FAILURE_UNCATEGORIZED)
            ->setMessages(array('A record with the supplied identity is not active.'));
        $this->setSatisfied(false);

        return false;
    }

    $bcrypt = new Bcrypt();
    $bcrypt->setCost($this->getOptions()->getPasswordCost());

    $passwordMatches = $bcrypt->verify($credential, $userObject->getPassword());
    if (!$passwordMatches) {
        $e->setCode(AuthenticationResult::FAILURE_CREDENTIAL_INVALID)
            ->setMessages(array('Supplied credential is invalid.'));
        $this->setSatisfied(false);

        return false;
    }

    // New session id at login, so an id issued before authentication is not kept.
    $session = new SessionContainer($this->getStorage()->getNameSpace());
    $session->getManager()->regenerateId();

    $e->setIdentity($userObject->getId());

    // Re-hash the stored password if the configured cost has changed.
    $this->updateUserPasswordHash($userObject, $credential, $bcrypt);
    $this->setSatisfied(true);

    $stored = $this->getStorage()->read();
    $stored['identity'] = $e->getIdentity();
    $this->getStorage()->write($stored);

    $e->setCode(AuthenticationResult::SUCCESS)
        ->setMessages(array('Authentication successful.'));
}
/**
 * Load the user for the configured username and check the configured password.
 *
 * The looked-up user is kept on $this->user whether or not the password matches.
 *
 * @return mixed False when no user is found; otherwise the result of Bcrypt::verify()
 */
public function verifyCredentials()
{
    $this->user = $this->gateway->findByUsername($this->username);

    if (!$this->user) {
        return false;
    }

    $verifier = new Bcrypt();

    return $verifier->verify($this->password, $this->user->password);
}
/**
 * Verify the credential against the password hash the user API returns for the identity.
 *
 * @return Result SUCCESS or FAILURE, carrying the identity in both cases
 */
public function authenticate()
{
    $verifier = new Bcrypt();
    $matches = $verifier->verify(
        $this->getCredential(),
        $this->userApi->getPasswordByUserId($this->getIdentity())
    );

    // A single FAILURE code covers both unknown identity and wrong password.
    $code = $matches ? Result::SUCCESS : Result::FAILURE;

    return new Result($code, $this->getIdentity());
}
/**
 * Check the configured password against the first row of an executed query.
 *
 * @param object $query Executed statement exposing fetch(); rows carry 'password' and 'userid'
 *
 * @return mixed The row's 'userid' when the password matches, false otherwise
 */
private function verifyPasswordHash($query)
{
    $row = $query->fetch();
    if (!$row) {
        return false;
    }

    $verifier = new Bcrypt();
    if (!$verifier->verify($this->password, $row['password'])) {
        return false;
    }

    return $row['userid'];
}
/**
 * Log a user in by e-mail address and password.
 *
 * @param string $email    Address used to look the user up
 * @param string $password Plaintext password checked against the stored hash
 *
 * @return bool Result of creating the validation storage entry on success, false otherwise
 */
public function login(string $email, string $password) : bool
{
    $user = $this->userService->findByEmail($email);
    if (!($user instanceof UserInterface)) {
        return false;
    }

    $verifier = new Bcrypt();
    if (!$verifier->verify($password, $user->getPassword())) {
        return false;
    }

    return $this->validationStorageAdapter->create($email);
}
/**
 * Check a posted username/password pair and report the outcome as JSON.
 *
 * Unknown user and wrong password share one error message.
 *
 * @param array $data Posted data; 'username' and 'password' are read
 *
 * @return JsonModel 'result' is true with null 'errors' on success, false with a message otherwise
 */
public function create($data)
{
    $user = $this->getUsersTable()->getByUsername($data['username']);
    $verifier = new Bcrypt();

    $authenticated = !empty($user) && $verifier->verify($data['password'], $user->password);

    if ($authenticated) {
        return new JsonModel(array('result' => true, 'errors' => null));
    }

    return new JsonModel(array('result' => false, 'errors' => 'Invalid Username or password'));
}
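/**
 * Verify a password against a stored hash using the configured method.
 *
 * The md5 and sha1 branches compare with hash_equals(): a loose == between two
 * hex digests can treat numeric-looking strings as equal, and is not constant time.
 *
 * NOTE(review): salted md5/sha1 are fast digests and not suitable for password
 * storage; they are kept only so existing hashes still verify.
 *
 * @param string $password Plaintext password
 * @param string $hash     Stored hash
 *
 * @return boolean True on match; false on mismatch or when the method is not recognised
 */
public function verify($password, $hash)
{
    if ($this->method == 'md5') {
        return hash_equals((string) $hash, md5($this->salt . $password));
    }

    if ($this->method == 'sha1') {
        return hash_equals((string) $hash, sha1($this->salt . $password));
    }

    if ($this->method == 'bcrypt') {
        $bcrypt = new Bcrypt();
        $bcrypt->setCost(14);

        return $bcrypt->verify($password, $hash);
    }

    // Unrecognised method: fail closed with an explicit false.
    return false;
}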
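/**
 * Log a user in by e-mail and password and load the role's menus and permissions
 * into the session.
 *
 * All queries use bound parameters. $permissions starts as an empty array so a
 * role without menu rows stores an empty list rather than an undefined variable.
 *
 * @param string $email    Address matched against cx_users.user_email (status 1 only)
 * @param string $password Plaintext password checked against user_password
 *
 * @return boolean TRUE on success; false when the account is not found exactly once
 *                 or the password does not match
 */
function login($email, $password)
{
    $CI =& get_instance();

    $sql = "SELECT user_id,user_password, role_id, employee_name, a.branch_id, branch_name \n\t \t\tFROM (\n\t \t\t\tSELECT user_id,user_password, role_id, employee_name, branch_id\n\t\t \t\tFROM cx_users u \n\t\t \t\tINNER JOIN cx_employees e ON e.employee_id = u.employee_id\n\t\t \t\tWHERE user_email = ? AND user_status = ?\n\t \t\t) a \n \t\tINNER JOIN cx_branch b ON b.branch_id = a.branch_id\n \t\t";
    $query = $CI->db->query($sql, array($email, 1));

    if ($query->num_rows() !== 1) {
        return false;
    }

    $account = $query->row();

    // Verify Password
    $bcrypt = new Bcrypt();
    if (!$bcrypt->verify($password, $account->user_password)) {
        return FALSE; // Password did not match
    }

    // Update the last login time
    $data = array("last_login" => date("Y-m-d H-i-s"));
    $CI->db->where('user_id', $account->user_id);
    $CI->db->update("cx_users", $data);

    // Get Menu Items for the user
    $sql = "SELECT menu_name, menu_link,section_id, is_hidden, class_method FROM cx_permissions\n\t\t\t\t\tINNER JOIN cx_menus ON cx_permissions.menu_id = cx_menus.menu_id\n\t\t\t\t\tWHERE role_id = ?";
    $result = $CI->db->query($sql, array($account->role_id));

    $menu_items = array();
    $permissions = array();

    if ($result->num_rows() > 0) {
        foreach ($result->result() as $row) {
            // Get Module Names
            $sql = "SELECT module_name FROM cx_sections\n\t\t\t\t\t\t\tLEFT JOIN cx_modules ON cx_modules.module_id = cx_sections.parent_module_id\n\t\t\t\t\t\t\tWHERE section_id = ?";
            $QueryResult = $CI->db->query($sql, array($row->section_id));

            // Generate the array for Navigation Menu for the user
            if ($QueryResult->num_rows() > 0) {
                foreach ($QueryResult->result() as $rows) {
                    if ($row->is_hidden == 0) {
                        $menu_items[$rows->module_name][] = array(
                            "menuName" => $row->menu_name,
                            "menuLink" => $row->menu_link,
                        );
                    }
                }
            }

            $permissions[] = trim($row->class_method);
        }
    }

    // NOTE(review): no session id regeneration is visible here — confirm the session
    // library rotates the id at login.
    $CI->session->set_userdata("user_id", $account->user_id);
    $CI->session->set_userdata("role_id", $account->role_id);
    $CI->session->set_userdata("user_name", $account->employee_name);
    $CI->session->set_userdata("branch_id", $account->branch_id);
    $CI->session->set_userdata("branch_name", $account->branch_name);
    $CI->session->set_userdata("left_menus", $menu_items);
    $CI->session->set_userdata("permissions", $permissions);

    return TRUE;
}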
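/**
 * Performs an authentication attempt
 *
 * Every outcome is reported as a Result, as the adapter contract documents;
 * a bare false would break callers that invoke Result methods on the return value.
 *
 * @return \Zend\Authentication\Result
 * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface
 *               If authentication cannot be performed
 */
public function authenticate()
{
    $credential = $this->getCredential();
    $identity = $this->getIdentity();
    $userObject = $this->getUserObject();

    // NOTE(review): assumes getUserObject() yields a non-object when no user matches — confirm.
    if (!is_object($userObject)) {
        return $this->getAuthResult(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND, $identity);
    }

    $bcrypt = new Bcrypt();
    // verify() works from the cost stored in the hash; this setting only matters
    // if the instance is later used to create a hash.
    $bcrypt->setCost(14);

    if (!$bcrypt->verify($credential, $userObject->getPassword())) {
        // Password does not match
        return $this->getAuthResult(AuthenticationResult::FAILURE_CREDENTIAL_INVALID, $identity);
    }

    $this->updateIdentity($userObject);

    return $this->getAuthResult(AuthenticationResult::SUCCESS, $userObject->getEmail());
}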
/**
 * {@inheritdoc}
 *
 * Looks users up by e-mail and succeeds for the first one whose stored hash
 * matches the credential. Both failure results carry the same message text and
 * differ only in their code.
 */
public function authenticate()
{
    $failureMessages = array('Authentication failure.');

    $candidates = $this->repository->findBy(array('email' => $this->getIdentity()));
    if (empty($candidates)) {
        return new AuthenticationResult(AuthenticationResult::FAILURE_IDENTITY_NOT_FOUND, null, $failureMessages);
    }

    $verifier = new Bcrypt();
    $verifier->setCost($this->options->getBCryptCost());

    foreach ($candidates as $candidate) {
        $matches = $verifier->verify($this->getCredential(), $candidate->getPassword());
        if ($matches) {
            return new AuthenticationResult(
                AuthenticationResult::SUCCESS,
                $candidate,
                array('Authentication successful.')
            );
        }
    }

    return new AuthenticationResult(AuthenticationResult::FAILURE_CREDENTIAL_INVALID, null, $failureMessages);
}
/**
 * Authenticate the configured username/password against the user repository.
 *
 * The password is checked before the banned flag, so a banned account with a
 * wrong password reports FAILURE_CREDENTIAL_INVALID.
 *
 * NOTE(review): the messages name the exact failure ('No Such User' versus
 * 'Invalid Password'); confirm they are not shown to the client verbatim.
 *
 * @return Result SUCCESS with the user id, or a failure result (-5 for a banned account)
 */
public function authenticate()
{
    /** @var \NightsWatch\Entity\User $user */
    $user = $this->entityManager
        ->getRepository('NightsWatch\\Entity\\User')
        ->findOneBy(['username' => $this->username]);

    if (is_null($user)) {
        return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, [], ['No Such User']);
    }

    $verifier = new Bcrypt();
    if (!$verifier->verify($this->password, $user->password)) {
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, [], ['Invalid Password']);
    }

    if ($user->banned) {
        return new Result(-5, [], ['Account Banned']);
    }

    return new Result(Result::SUCCESS, $user->id, []);
}
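/**
 * Verifies if the password is correct
 *
 * The salt is derived from the timestamp through generateSalt(). The sha1
 * branch hashes salt . password, matching the md5 branch; hashing the result of
 * a comparison instead would make the check independent of the password.
 * Digest comparisons use hash_equals() rather than a loose ==.
 *
 * NOTE(review): salted md5/sha1 are fast digests and not suitable for password
 * storage; they are kept only so existing hashes still verify.
 *
 * @param string $password  Plaintext password
 * @param string $hash      Stored hash
 * @param mixed  $timestamp Value passed to generateSalt()
 * @return boolean True on match; false on mismatch or when the method is not recognised
 */
public function verify($password, $hash, $timestamp)
{
    $salt = $this->generateSalt($timestamp);

    if ($this->method == 'md5') {
        return hash_equals((string) $hash, md5($salt . $password));
    }

    if ($this->method == 'sha1') {
        return hash_equals((string) $hash, sha1($salt . $password));
    }

    if ($this->method == 'bcrypt') {
        $bcrypt = new Bcrypt();
        $bcrypt->setCost(14);

        // Bcrypt::verify() takes the password and the hash; the salt is read from the hash.
        return $bcrypt->verify($password, $hash);
    }

    // Unrecognised method: fail closed with an explicit false.
    return false;
}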
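/**
 * Run authenticate() when the given username matches this adapter's username
 * and the bcrypt check passes.
 *
 * No debug output is written and the request is not terminated: dumping the
 * verification result and failure text into the response exposes authentication
 * state, and a die in this path makes the authentication call unreachable.
 *
 * @param string $username Username expected to equal $this->username
 * @param string $password Second argument to Bcrypt::verify(), i.e. the hash position
 *
 * @return mixed Result of authenticate() on success, null otherwise
 */
public function prepareAuthBcrypt($username, $password)
{
    if ($this->username !== $username) {
        return null;
    }

    $bcrypt = new Bcrypt();

    // NOTE(review): verify() takes (plaintext, hash). $this->password is passed as the
    // plaintext here, so the $password parameter must be the stored hash — confirm the
    // caller passes it that way round.
    if (!$bcrypt->verify($this->password, $password)) {
        return null;
    }

    return $this->authenticate();
}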
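/**
 * Execute login: look the user up by e-mail and verify the password.
 *
 * The e-mail is bound as a query parameter rather than concatenated into the
 * SQL text, so its content cannot change the statement.
 *
 * @param String $email
 * @param String $password
 * @return User|null The user built from the matching row, or null when the
 *                   e-mail is unknown or the password does not match
 */
public function login($email, $password)
{
    $adapter = $this->sm->get('Zend\\Db\\Adapter\\Adapter');

    $rows = $adapter
        ->query('select * from users_table where email = ?', array($email))
        ->toArray();

    // No matching row: fail the same way as a wrong password.
    if (empty($rows)) {
        return null;
    }

    $results = $rows[0];

    $bcrypt = new Bcrypt();
    if (!$bcrypt->verify($password, $results['password'])) {
        return null;
    }

    // NOTE(review): $results still contains the 'password' hash column when handed to User.
    return new User($results);
}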
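/**
 * Returns the contents of storage
 *
 * The user is identified by the 'userId' cookie and accepted when the 'cs'
 * cookie is a bcrypt hash of the user's e-mail concatenated with the stored
 * password hash. Storage is cleared when that check fails.
 *
 * NOTE(review): the token is derived only from the e-mail and the stored hash.
 * bcrypt considers at most the first 72 bytes of its input, so the longer the
 * e-mail, the less of the stored hash contributes to the token; the token also
 * has no expiry of its own and stays valid until the password changes. A
 * random, server-side, expiring token would avoid both — confirm whether the
 * current scheme is acceptable.
 *
 * @throws \Zend\Authentication\Exception\ExceptionInterface
 *               If reading contents from storage is impossible
 * @return mixed The user when the cookie pair is valid, null otherwise
 */
public function read()
{
    if (empty($_COOKIE['userId']) || empty($_COOKIE['cs'])) {
        return null;
    }

    // Cookies sent as userId[]=... arrive as arrays; only plain strings are accepted.
    if (!is_string($_COOKIE['userId']) || !is_string($_COOKIE['cs'])) {
        return null;
    }

    $user = $this->getUserMapper()->getById($_COOKIE['userId']);
    if (!$user) {
        return null;
    }

    $bcrypt = new Bcrypt();
    if ($bcrypt->verify($user->email . $user->password, $_COOKIE['cs'])) {
        return $user;
    }

    $this->clear();

    return null;
}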
/**
 * {@inheritDoc}
 *
 * Looks the user up by mobile number and, when $this->checkPassword is set,
 * verifies the password with bcrypt.
 *
 * NOTE(review): with checkPassword false a matching mobile number alone yields
 * SUCCESS; confirm every caller that disables the check has authenticated the
 * user by other means.
 */
public function authenticate()
{
    // Try logging in by mobile number first
    $repository = $this->em->getRepository('Site\\Entity\\UserEntity');
    $user = $repository->findOneBy(array('mobile' => $this->username));

    if (!$user) {
        return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, 0);
    }

    if ($this->checkPassword) {
        $verifier = new Bcrypt();
        $passwordMatches = $verifier->verify($this->password, $user->password);

        if (!$passwordMatches) {
            return new Result(Result::FAILURE_CREDENTIAL_INVALID, 0);
        }
    }

    return new Result(Result::SUCCESS, $user);
}
/**
 * Check the supplied credential against the bcrypt hash in the identity row.
 *
 * The outcome is written to $this->authenticateResultInfo; on success the row
 * is also kept in $this->resultRow.
 *
 * @param array $resultIdentity Row for the identity; must contain 'password'
 *
 * @return Result
 */
public function authenticateValidateResult($resultIdentity)
{
    $rowUsable = $resultIdentity && isset($resultIdentity['password']);

    if (!$rowUsable) {
        $code = Result::FAILURE_IDENTITY_NOT_FOUND;
        $message = 'Supplied identity does not exist.';
    } else {
        $verifier = new Bcrypt();

        if ($verifier->verify($this->credential, $resultIdentity['password'])) {
            $this->resultRow = $resultIdentity;
            $code = Result::SUCCESS;
            $message = 'Authentication successful.';
        } else {
            $code = Result::FAILURE_CREDENTIAL_INVALID;
            $message = 'Supplied credential is invalid.';
        }
    }

    $this->authenticateResultInfo['code'] = $code;
    $this->authenticateResultInfo['messages'][] = $message;

    return $this->authenticateCreateAuthResult();
}
/**
 * Verify a username/password pair and, when it is valid, hand the current
 * request to the OAuth2 server as a client-credentials token request.
 *
 * @param array $data Posted data; 'username' and 'password' are read
 *
 * @return JsonModel The token response parameters when the password is valid,
 *                   otherwise a result/errors pair
 */
public function create($data)
{
    $usersTable = $this->getUsersTable();
    $user = $usersTable->getByUsername($data['username']);
    $verifier = new Bcrypt();

    $passwordValid = !empty($user) && $verifier->verify($data['password'], $user->password);

    if (!$passwordValid) {
        return new JsonModel(array('result' => false, 'errors' => 'Invalid Username or password'));
    }

    $connectionParameters = $usersTable->adapter->getDriver()->getConnection()->getConnectionParameters();
    $storage = new Pdo($connectionParameters);
    $server = new Server($storage);
    $server->addGrantType(new ClientCredentials($storage));
    $response = $server->handleTokenRequest(Request::createFromGlobals());

    if (!$response->isSuccessful()) {
        // NOTE(review): this model is built but never returned; the response parameters
        // below are sent in both cases. Confirm which of the two is intended.
        $result = new JsonModel(array('result' => false, 'errors' => 'Invalid oauth'));
    }

    return new JsonModel($response->getParameters());
}
/**
 * authenticateQuerySelect() - Runs the given Zend\Db\Sql\Select against the
 * database and keeps the rows whose credential column verifies against the
 * supplied credential with bcrypt.
 *
 * @param Sql\Select $dbSelect
 * @throws \RuntimeException when executing the select or checking a row throws
 * @return array Matching rows, each flagged with zend_auth_credential_match = 1
 */
protected function authenticateQuerySelect(Sql\Select $dbSelect)
{
    $sql = new Sql\Sql($this->zendDb);
    $statement = $sql->prepareStatementForSqlObject($dbSelect);

    try {
        $rows = $statement->execute();
        $resultIdentities = [];
        $verifier = new Bcrypt();

        // Plain iteration works across database platforms.
        foreach ($rows as $row) {
            $storedHash = $row[$this->credentialColumn];
            if (!$verifier->verify($this->credential, $storedHash)) {
                continue;
            }

            $row['zend_auth_credential_match'] = 1;
            $resultIdentities[] = $row;
        }
    } catch (\Exception $e) {
        // Any exception raised inside the try block is reported with this SQL-oriented message.
        throw new \RuntimeException('The supplied parameters to DbTable failed to ' . 'produce a valid sql statement, please check table and column names ' . 'for validity.', 0, $e);
    }

    return $resultIdentities;
}
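/**
 * Validate the login form data and sign the user in.
 *
 * The stored password is read only after the user lookup has succeeded, and
 * the same error message is set for an unknown e-mail, a missing password and
 * a wrong password.
 *
 * @param Array  $data      Form data; 'email' and 'password' are read
 * @param Object $loginForm Login form (not used by this method)
 * @return mixed Redirect to 'admin_home' on success, null after setting the error message otherwise
 */
public function validateForm($data, $loginForm)
{
    $userTable = $this->getServiceLocator()->get('UserTable');
    $user = $userTable->getOne(array('aufri_users_email' => $data['email']));

    if (!empty($user) && !empty($data['password']) && is_string($data['password'])) {
        $bcrypt = new Bcrypt();

        if ($bcrypt->verify($data['password'], $user->getUserPassword())) {
            $this->updateSessionWithUser($user, false);

            return $this->redirect()->toRoute('admin_home');
        }
    }

    $this->setErrorMessage('Invalid login credentials');
}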
/**
 * Performs an authentication attempt
 *
 * Finds the user by username through the entity repository and verifies the
 * credential with bcrypt. On success the user object is named, hydrated with
 * its roles and returned as the identity.
 *
 * NOTE(review): the two failure results carry different codes and messages for
 * "unknown identity" and "wrong credential"; confirm they are not passed to the
 * client as-is.
 *
 * @return \Zend\Authentication\Result
 * @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface If authentication cannot be performed
 */
public function authenticate()
{
    $entityManager = $this->getEntityManager();
    $repository = $entityManager->getRepository($this->entityName);
    $identity = $this->getIdentity();

    $userObject = $repository->findOneBy(array('username' => $identity));
    if (!$userObject) {
        return new AuthResult(
            AuthResult::FAILURE_IDENTITY_NOT_FOUND,
            $identity,
            array('A record with the supplied identity could not be found.')
        );
    }

    $verifier = new Bcrypt();
    $verifier->setCost(14);

    $passwordMatches = $verifier->verify($this->getCredential(), $userObject->getPassword());
    if (!$passwordMatches) {
        return new AuthResult(
            AuthResult::FAILURE_CREDENTIAL_INVALID,
            $identity,
            array('Supplied credential is invalid.')
        );
    }

    $userObject->setName('IdAuth\\Adapter\\Doctrine');

    $hydrator = new DoctrineObject($entityManager, $this->entityName);
    $hydrator->hydrate($userObject->getRoles(), $userObject);

    return new AuthResult(AuthResult::SUCCESS, $userObject, array('Authentication Successful'));
}
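/**
 * Performs an authentication attempt against admin user documents.
 *
 * Empty credentials are rejected before the database is queried, and the
 * e-mail address is cast to string before it is used as a query value.
 *
 * @return \Zend\Authentication\Result
 * @throws \Exception If no document manager has been set
 */
public function authenticate()
{
    if (is_null($this->_dm)) {
        throw new \Exception('Document Manager is null');
    }

    // NOTE(review): if the caller can pass request data through unchanged, a non-string
    // value here would reach the query builder as a structure rather than a literal;
    // the cast keeps the comparison a plain string match.
    $username = (string) $this->_username;
    $password = (string) $this->_password;
    if ($username === '' || $password === '') {
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
    }

    $query = $this->_dm->createQueryBuilder('MoveIn4AdminUser\\Document\\AdminUserDocument');
    $query->field('emailAddress')->equals($username);
    $users = $query->getQuery()->execute();

    if (count($users) === 0) {
        // Same code as a wrong password, so callers cannot tell the two cases apart.
        return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
    }

    foreach ($users as $user) {
        $crypt = new Bcrypt();

        if ($crypt->verify($password, $user->getPassword())) {
            return new Result(Result::SUCCESS, array(
                'username' => $user->getEmailAddress(),
                'firstName' => $user->getFirstName(),
                'surname' => $user->getSurname(),
                'id' => $user->getId(),
            ));
        }
    }

    return new Result(Result::FAILURE_CREDENTIAL_INVALID, array());
}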
/**
 * Change the password of the logged-in user.
 *
 * The data is validated with the user input filter, the current password is
 * verified against the stored hash, and the new password is stored as a fresh
 * bcrypt hash.
 *
 * NOTE(review): other sessions of the same user are not invalidated here —
 * confirm whether that is handled elsewhere.
 *
 * @author Stoyan Rangelov
 * @param array $data Form data; 'currentPassword' and 'password' are read
 * @return boolean|array status_code 201 on success, status_code 400 with an error entry
 *                       when the current password is wrong, or the filter's error messages
 */
public function loggedChangePassword($data)
{
    // Input filters
    $inputFilter = new \User\InputFilter\User();
    $inputFilter->setInputFilter($inputFilter->loggedChangePassword());

    $filter = $inputFilter->getInputFilter();
    $filter->setData($data);

    if (!$filter->isValid()) {
        return $this->getErrorMessages($filter);
    }

    $user = $this->getLoggedUser();
    $bcrypt = new Bcrypt();

    if (!$bcrypt->verify($data['currentPassword'], $user->getHash())) {
        return array(
            'status_code' => 400,
            'error_messages' => array(
                'currentPassword' => array('invalidCurrentPassword' => '******'),
            ),
        );
    }

    $newHash = $bcrypt->create($data['password']);

    $em = $this->getEntityManager();
    $user->setHash($newHash)->setUpdatedAt(new \DateTime());
    $em->merge($user);
    $em->flush();

    return array('status_code' => 201);
}