/**
 * Authenticates a login against the stored password hash.
 *
 * On success the stored hash is transparently upgraded when the password helper
 * reports that it needs rehashing, and the result of authenticationSuccess() is
 * returned. Every failure path returns an AuthResult with AuthResult::FAILURE,
 * the supplied login and a null token, so the caller cannot tell an unknown
 * login from a wrong password by the returned value.
 *
 * NOTE(review): the unknown-login branch returns before any hash verification
 * runs, so its response time may differ from the wrong-password branch. Confirm
 * whether that difference is acceptable for this deployment.
 *
 * @param string $login        Login to authenticate.
 * @param string $passwordHash Value checked against the stored hash; presumably the
 *                             pre-hashed password rather than the clear text (confirm
 *                             against the caller).
 * @return AuthResult
 */
private function authenticateWithPassword($login, $passwordHash)
{
    $account = $this->userModel->getUser($login);

    // No usable user row: fail without touching the password helper.
    if (empty($account['login'])) {
        return new AuthResult(AuthResult::FAILURE, $login, null);
    }

    $storedHash = $account['password'];

    if (!$this->passwordHelper->verify($passwordHash, $storedHash)) {
        return new AuthResult(AuthResult::FAILURE, $login, null);
    }

    // The credentials are valid, so this is the one moment the stored hash can be
    // regenerated with the helper's current settings; the other fields are written
    // back unchanged.
    if ($this->passwordHelper->needsRehash($storedHash)) {
        $upgradedHash = $this->passwordHelper->hash($passwordHash);
        $this->userModel->updateUser(
            $login,
            $upgradedHash,
            $account['email'],
            $account['alias'],
            $account['token_auth']
        );
    }

    return $this->authenticationSuccess($account);
}
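/**
 * Returns the user's API token.
 *
 * If the username/password combination is incorrect, or the login is unknown, an
 * invalid token is returned instead of an error: an MD5 digest of the login, the
 * current microtime and a generated unique id. Both failure cases therefore look
 * the same to the caller.
 *
 * When the credentials are valid and the stored hash needs rehashing, the stored
 * password is updated before the token is returned.
 *
 * @param string $userLogin   Login
 * @param string $md5Password hashed string of the password (using current hash function;
 *                            MD5-named for historical reasons)
 * @return string
 */
public function getTokenAuth($userLogin, $md5Password)
{
    // Rejects input that does not have the expected hash format before any lookup happens.
    UsersManager::checkPasswordHash($md5Password, Piwik::translate('UsersManager_ExceptionPasswordMD5HashExpected'));

    $user = $this->model->getUser($userLogin);

    // An unknown login gives no row to read 'password' from. Treat it exactly like a
    // wrong password instead of indexing into a missing row and handing a null hash
    // to the verifier.
    $hasStoredHash = !empty($user['password']);

    if (!$hasStoredHash || !$this->password->verify($md5Password, $user['password'])) {
        return md5($userLogin . microtime(true) . Common::generateUniqId());
    }

    if ($this->password->needsRehash($user['password'])) {
        // NOTE(review): the value passed here is already the helper's hash of the
        // pre-hashed password. Confirm that updateUser() stores it as-is and does not
        // treat it as a clear-text password and hash it again.
        $this->updateUser($userLogin, $this->password->hash($md5Password));
    }

    return $user['token_auth'];
}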
/**
 * Stores password reset info for a specific login.
 *
 * The new password is not written in clear text: it is first passed through
 * UsersManager::getPasswordHash() and that result is hashed again by the password
 * helper. Only the final hash is saved, under the option name returned by
 * getPasswordResetInfoOptionName() for the login.
 *
 * NOTE(review): nothing written here records when the reset was requested. Confirm
 * that the code consuming this option limits how long the entry stays valid and
 * removes it after use.
 *
 * @param string $login       The user login for whom a password change was requested.
 * @param string $newPassword The new password to set.
 */
private function savePasswordResetInfo($login, $newPassword)
{
    $resetOptionKey = $this->getPasswordResetInfoOptionName($login);

    $preHashedPassword = UsersManager::getPasswordHash($newPassword);
    $storedHash = $this->passwordHelper->hash($preHashedPassword);

    Option::set($resetOptionKey, $storedHash);
}