/**
* Set the field values
*
* @param array $values
* @param Auth $auth
* @return Login
*/
public function setFieldValues(array $values = null, Auth $auth = null)
{
parent::setFieldValues($values);
if ($_POST && null !== $this->username && null !== $this->password && null !== $auth) {
$auth->authenticate(html_entity_decode($this->username, ENT_QUOTES, 'UTF-8'), html_entity_decode($this->password, ENT_QUOTES, 'UTF-8'));
if (!$auth->isValid()) {
$this->getElement('password')->addValidator(new Validator\NotEqual($this->password, 'The login was not correct.'));
} else {
if (!$auth->adapter()->getUser()->verified) {
$this->getElement('password')->addValidator(new Validator\NotEqual($this->password, 'That user is not verified.'));
} else {
if (!$auth->adapter()->getUser()->active) {
$this->getElement('password')->addValidator(new Validator\NotEqual($this->password, 'That user is blocked.'));
} else {
$role = Table\Roles::findById($auth->adapter()->getUser()->role_id);
if (isset($role->id) && null !== $role->permissions) {
$permissions = unserialize($role->permissions);
if (isset($permissions['deny'])) {
foreach ($permissions['deny'] as $deny) {
if ($deny['resource'] == 'login') {
$this->getElement('password')->addValidator(new Validator\NotEqual($this->password, 'That user is not allowed to login.'));
}
}
}
}
}
}
}
}
return $this;
}
/**
* Set the field values
*
* @param array $values
* @param Auth $auth
* @return Login
*/
public function setFieldValues(array $values = null, Auth $auth = null)
{
parent::setFieldValues($values);
if ($_POST && null !== $this->username && null !== $this->password && null !== $auth) {
$auth->authenticate(html_entity_decode($this->username, ENT_QUOTES, 'UTF-8'), html_entity_decode($this->password, ENT_QUOTES, 'UTF-8'));
if (!$auth->isValid()) {
$this->getElement('password')->addValidator(new Validator\NotEqual($this->password, 'The login was not correct.'));
} else {
if (!$auth->adapter()->getUser()->verified) {
$this->getElement('password')->addValidator(new Validator\NotEqual($this->password, 'That user is not verified.'));
} else {
if (!$auth->adapter()->getUser()->active) {
$this->getElement('password')->addValidator(new Validator\NotEqual($this->password, 'That user is blocked.'));
}
}
}
}
return $this;
}
public function testPasswordEncryption()
{
$a = new Auth(new File(__DIR__ . '/../tmp/access.txt'), Auth::ENCRYPT_MD5);
$a->authenticate('testuser1', '12test34');
$this->assertFalse($a->isValid());
unset($a);
$a = new Auth(new File(__DIR__ . '/../tmp/access.txt'), Auth::ENCRYPT_SHA1);
$a->authenticate('testuser1', '12test34');
$this->assertFalse($a->isValid());
unset($a);
$a = new Auth(new File(__DIR__ . '/../tmp/access.txt'), Auth::ENCRYPT_CRYPT, array('salt' => 'abcdefg'));
$a->authenticate('testuser1', '12test34');
$this->assertFalse($a->isValid());
}
<?php
require_once '../../bootstrap.php';
use Pop\Auth;
try {
// Set the username and password
$username = '******';
$password = '******';
// Create auth object
$auth = new Auth\Auth(new Auth\Adapter\File('../assets/files/access-crypt.txt'), Auth\Auth::ENCRYPT_CRYPT);
// Define some other auth parameters and authenticate the user
$auth->setAttemptLimit(3)->setAttempts(2)->setAllowedIps('127.0.0.1')->authenticate($username, $password);
echo $auth->getResultMessage() . '<br /> ' . PHP_EOL;
// Check if the auth attempt is valid
if ($auth->isValid()) {
// The user is valid so do top-secret stuff
}
} catch (\Exception $e) {
echo $e->getMessage() . PHP_EOL . PHP_EOL;
}
