If the username/password combination is incorrect an invalid token will be returned.
private function _checkUserHasNotChanged($user, $newPassword, $newEmail = null, $newAlias = null)
{
if (is_null($newEmail)) {
$newEmail = $user['email'];
}
if (is_null($newAlias)) {
$newAlias = $user['alias'];
}
$userAfter = $this->api->getUser($user["login"]);
unset($userAfter['date_registered']);
// we now compute what the token auth should be, it should always be a hash of the login and the current password
// if the password has changed then the token_auth has changed!
$user['token_auth'] = $this->api->getTokenAuth($user["login"], md5($newPassword));
$user['password'] = md5($newPassword);
$user['email'] = $newEmail;
$user['alias'] = $newAlias;
$user['superuser_access'] = 0;
$this->assertEquals($user, $userAfter);
}
/**
* Authenticates the user.
*
* Derived classes can override this method to customize authentication logic or impose
* extra requirements on the user trying to login.
*
* @param AuthInterface $auth The Auth implementation to use when authenticating.
* @return AuthResult
*/
protected function doAuthenticateSession(AuthInterface $auth)
{
$login = $auth->getLogin();
$tokenAuthSecret = null;
try {
$tokenAuthSecret = $auth->getTokenAuthSecret();
} catch (Exception $ex) {
Log::debug("SessionInitializer::doAuthenticateSession: token_auth secret for %s not available before user" . " is authenticated.", $login);
}
$tokenAuth = empty($tokenAuthSecret) ? null : $this->usersManagerAPI->getTokenAuth($login, $tokenAuthSecret);
/**
* @deprecated Create a custom SessionInitializer instead.
*/
Piwik::postEvent('Login.authenticate', array($auth->getLogin(), $tokenAuth));
return $auth->authenticate();
}
protected function makeSuccessLogin($userInfo)
{
$successCode = $userInfo['superuser_access'] ? AuthResult::SUCCESS_SUPERUSER_AUTH_CODE : AuthResult::SUCCESS;
$tokenAuth = $this->usersManagerAPI->getTokenAuth($userInfo['login'], $this->getTokenAuthSecret());
return new AuthResult($successCode, $userInfo['login'], $tokenAuth);
}
