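/**
 * Creates a temporary system user with elevated privileges
 * so that the token can be removed and the user password
 * reset, despite having no authenticated user.
 *
 * The service manager's 'user' slot holds the system user only for the
 * duration of the remove/flush. The temporary role is dropped and the
 * previous override setting restored in a finally block, so a failing
 * flush cannot leave the elevated identity installed for later requests.
 *
 * @param mixed $token the recover-password token document to delete
 */
protected function flush($token)
{
    $documentManager = $this->getDocumentManager();

    $sysUser = new User();
    $sysUser->addRole('sys::recoverpassword');

    $serviceLocator = $this->options->getManifest()->getServiceManager();
    $allowOverride = $serviceLocator->getAllowOverride();
    $serviceLocator->setAllowOverride(true);
    $serviceLocator->setService('user', $sysUser);

    try {
        $documentManager->remove($token);
        $documentManager->flush();
    } finally {
        // Runs on both the normal and the exceptional path: the temporary
        // privilege must not outlive this call.
        $sysUser->removeRole('sys::recoverpassword');
        $serviceLocator->setAllowOverride($allowOverride);
    }
}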
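/**
 * Resolves the user identified by the remember-me cookie.
 *
 * The cookie carries a series id, a per-login token and a username. The
 * series selects the stored record; the username and token must then match
 * it exactly. Each mismatch is handled differently on purpose:
 *  - no record for the series: the cookie is stale, drop it;
 *  - username mismatch: the cookie does not belong to that series, drop the
 *    cookie and the series record;
 *  - token mismatch on a known series: the cookie was most likely copied and
 *    already used elsewhere, so every remember-me record for the user is revoked.
 * On success the token is rotated, the cookie re-issued and the matching
 * user document installed as the 'user' service.
 *
 * @return mixed the authenticated user document, or false when the cookie is rejected
 */
public function getUser()
{
    list($series, $token, $username) = $this->getCookieValues();

    $documentManager = $this->options->getDocumentManager();
    $repository = $documentManager->getRepository('Zoop\\GatewayModule\\DataModel\\RememberMe');
    $record = $repository->findOneBy(['series' => $series]);

    if (!$record) {
        // No record matches the cookie: ignore it and remove the cookie.
        $this->removeCookie();
        return false;
    }

    // Strict comparison: a loose != would compare numeric-looking usernames as numbers.
    if ((string) $record->getUsername() !== (string) $username) {
        // Username does not match the series record: remove cookie and db record.
        $this->removeCookie();
        $this->removeSeriesRecord();
        return false;
    }

    // Constant-time comparison so the check does not leak how many leading
    // bytes of the stored token the presented token shares with it.
    if (!hash_equals((string) $record->getToken(), (string) $token)) {
        // Token mismatch on a known series: treat as session theft and revoke
        // all remember-me records for this user, plus the cookie.
        $this->removeCookie();
        $this->removeUserRecords();
        return false;
    }

    // Cookie is good: rotate the token and re-issue the cookie.
    $newToken = $this->createToken();
    $record->setToken($newToken);
    $documentManager->flush();
    $this->setCookie($series, $newToken, $username);

    $userRepository = $documentManager->getRepository($this->options->getUserClass());
    $usernameProperty = $this->options->getUsernameProperty();

    // The user lookup runs under a temporary system identity. The previous
    // override setting is restored in finally so a failing query cannot
    // leave the elevated identity installed.
    $shardServiceManager = $this->options->getShardServiceManager();
    $allowOverride = $shardServiceManager->getAllowOverride();
    $shardServiceManager->setAllowOverride(true);

    $sysUser = new User();
    $sysUser->addRole('sys::authenticate');
    $shardServiceManager->setService('user', $sysUser);

    try {
        $user = $userRepository->findOneBy([$usernameProperty => $username]);

        if (!$user) {
            // Cookie and remember-me record agree, but no registered user matches.
            $this->removeCookie();
            $this->removeUserRecords();
            return false;
        }

        $shardServiceManager->setService('user', $user);
        return $user;
    } finally {
        $sysUser->removeRole('sys::authenticate');
        $shardServiceManager->setAllowOverride($allowOverride);
    }
}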
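/**
 * Authenticates against the supplied adapter
 *
 * The adapter runs under a temporary system user so it can query the user
 * collection without an authenticated identity. On a valid result the
 * resolved identity replaces that system user as the 'user' service. The
 * temporary role is dropped and the override setting restored in finally,
 * so an exception thrown by the adapter cannot leave either in place.
 *
 * @return Result
 * @throws Exception\RuntimeException
 */
public function authenticate()
{
    $allowOverride = $this->shardServiceManager->getAllowOverride();
    $this->shardServiceManager->setAllowOverride(true);

    $sysUser = new User();
    $sysUser->addRole('sys::authenticate');
    $this->shardServiceManager->setService('user', $sysUser);

    $this->doctrineAdapter->setIdentity($this->identity);
    $this->doctrineAdapter->setCredential($this->credential);

    try {
        $result = $this->doctrineAdapter->authenticate();

        if ($result->isValid()) {
            $this->shardServiceManager->setService('user', $result->getIdentity());
        }
    } finally {
        // On the valid path the system user has already been replaced, so
        // removing the role here is harmless; on failure or exception it is required.
        $sysUser->removeRole('sys::authenticate');
        $this->shardServiceManager->setAllowOverride($allowOverride);
    }

    return $result;
}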
/**
 * Seeds the test database with a single user document.
 *
 * Persisting a user requires an authorised identity, so a throw-away
 * 'admin' user is installed as the 'user' service for the write; its role
 * is removed once the flush has completed. The identity map is cleared
 * afterwards so tests read the document back from the database.
 *
 * @param mixed $serviceLocator service manager that exposes the 'user' service
 * @param mixed $documentManager document manager used to persist the fixture
 */
public static function create($serviceLocator, $documentManager)
{
    // Temporary identity that is allowed to write the fixture.
    $fixtureAdmin = new User();
    $fixtureAdmin->addRole('admin');
    $serviceLocator->setService('user', $fixtureAdmin);

    $toby = new User();
    $toby->setUsername('toby');
    $toby->setFirstName('Toby');
    $toby->setLastName('McQueen');
    $toby->setEmail('*****@*****.**');
    $toby->setPassword('password1');
    $toby->setSalt('passwordpasswordpasswordpasswordpassword');

    $documentManager->persist($toby);
    $documentManager->flush();

    $fixtureAdmin->removeRole('admin');
    $documentManager->clear();
}
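/**
 * Seeds the 'gomi-test' database with a single user document.
 *
 * Persisting a user requires an authorised identity, so a throw-away
 * 'admin' user is installed as the 'user' service for the write. Its role
 * is removed once the flush has completed, matching the sibling fixture,
 * so the elevated identity does not linger for the rest of the test run.
 * The identity map is cleared afterwards so tests read from the database.
 *
 * @param mixed $serviceLocator service manager that exposes the 'user' service
 * @param mixed $documentManager document manager used to persist the fixture
 */
public static function create($serviceLocator, $documentManager)
{
    // Create data in the db to query against.
    $documentManager->getConnection()->selectDatabase('gomi-test');

    // Temporary identity that is allowed to write the fixture.
    $sysUser = new User();
    $sysUser->addRole('admin');
    $serviceLocator->setService('user', $sysUser);

    $user = new User();
    $user->setUsername('toby');
    $user->setFirstName('Toby');
    $user->setLastName('Awesome');
    $user->setPassword('password1');
    $user->setEmail('*****@*****.**');

    $documentManager->persist($user);
    $documentManager->flush();

    // Drop the elevated role once the write is done.
    $sysUser->removeRole('admin');
    $documentManager->clear();
}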
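/**
 * End-to-end check of the recover-password flow by username.
 *
 * Step 1 posts a username to the token endpoint and expects a 201 with an
 * empty body and no Location header (the token must only reach the user by
 * email). Step 2 extracts the token URL from the captured mail and PUTs a
 * new password to it, expecting 204. The stored hash is then verified under
 * a temporary 'sys::authenticate' identity, which is needed to read the
 * user document.
 */
public function testChangePasswordWithUsername()
{
    // First create the token.
    $accept = new Accept();
    $accept->addMediaType('application/json');

    $this->getRequest()
        ->setMethod(Request::METHOD_POST)
        ->setContent('{"username": "******"}')
        ->getHeaders()->addHeaders([$accept, ContentType::fromString('Content-type: application/json')]);

    $this->dispatch('/rest/recoverpasswordtoken');
    $response = $this->getResponse();

    $result = json_decode($response->getContent(), true);
    $this->assertFalse(isset($result));
    $this->assertResponseStatusCode(201);
    // The token URL must not be disclosed in the response.
    $this->assertFalse($response->getHeaders()->has('Location'));

    // Check the email was written.
    $mailFile = __DIR__ . '/../../../../email/test_mail.tmp';
    $this->assertFileExists($mailFile);

    // Second, use the code in the email to change the password.
    $text = file_get_contents($mailFile);
    // Fail here with a clear message rather than with an undefined index on $match[0].
    $this->assertSame(
        1,
        preg_match('/\\/rest\\/recoverpasswordtoken\\/[a-zA-Z0-9]+/', $text, $match),
        'No recover-password token URL found in the captured email'
    );

    $accept = new Accept();
    $accept->addMediaType('application/json');

    $this->getRequest()
        ->setMethod(Request::METHOD_PUT)
        ->setContent('{"password": "******"}')
        ->getHeaders()->addHeaders([$accept, ContentType::fromString('Content-type: application/json')]);

    $this->dispatch($match[0]);
    $response = $this->getResponse();

    $result = json_decode($response->getContent(), true);
    $this->assertFalse(isset($result));
    $this->assertResponseStatusCode(204);

    // Add a sys user so the user document can be read back; restore the
    // override flag afterwards so the setting does not leak into other tests.
    $allowOverride = $this->shardServiceLocator->getAllowOverride();
    $sysUser = new User();
    $sysUser->addRole('sys::authenticate');
    $this->shardServiceLocator->setAllowOverride(true);
    $this->shardServiceLocator->setService('user', $sysUser);

    try {
        $user = $this->documentManager
            ->getRepository('Zoop\\GomiModule\\DataModel\\User')
            ->findOneBy(['username' => 'toby']);

        $basicHashService = new BasicHashService();
        // assertSame rather than a loose == so two numeric-looking strings are not compared as numbers.
        $this->assertSame(
            $user->getPassword(),
            $basicHashService->hashValue('newPassword2', $user->getSalt())
        );
    } finally {
        $sysUser->removeRole('sys::authenticate');
        $this->shardServiceLocator->setAllowOverride($allowOverride);
    }
}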
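/**
 * Looks up the user addressed by the recover-password request data.
 *
 * The repository query runs under a temporary system user holding the
 * 'sys::authenticate' role because the request is unauthenticated. That
 * same role is removed and the service manager's override flag restored in
 * finally, whether a user is found or not.
 *
 * @param MvcEvent $event
 * @return mixed User
 * @throws Exception\DocumentNotFoundException when no user matches the criteria
 */
protected function getUser(MvcEvent $event)
{
    $data = $event->getParam('data');
    $criteria = $this->getUserCriteria($data);
    $userRepository = $this->getDocumentManager()->getRepository($this->getUserClassName());

    $sysUser = new User();
    $sysUser->addRole('sys::authenticate');

    $serviceLocator = $this->options->getManifest()->getServiceManager();
    $allowOverride = $serviceLocator->getAllowOverride();
    $serviceLocator->setAllowOverride(true);
    $serviceLocator->setService('user', $sysUser);

    try {
        $user = $userRepository->findOneBy($criteria);

        if (!isset($user)) {
            throw new Exception\DocumentNotFoundException();
        }

        $serviceLocator->setService('user', $user);
        return $user;
    } finally {
        // Remove the role that was actually added above; removing a different
        // role would leave 'sys::authenticate' attached to the temporary user.
        $sysUser->removeRole('sys::authenticate');
        $serviceLocator->setAllowOverride($allowOverride);
    }
}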