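/**
 * Authenticate a user by username and password using Doctrine_Core.
 *
 * Looks the user up by username, re-derives the password hash from the
 * submitted password and the user's stored salt string via My_Auth_Salt,
 * and compares the result with the stored hash.
 *
 * Security notes:
 * - The two hashes are compared as strings, in constant time where
 *   hash_equals() is available and with strict === otherwise. The previous
 *   loose == applied numeric-string juggling, so two different hashes that
 *   both look numeric (for example "0e..." forms) could compare equal.
 * - An account whose stored hash is empty never authenticates.
 * - NOT_FOUND and WRONG_PW are distinct so callers can log the cause; if the
 *   message is shown to the client unchanged it reveals which usernames
 *   exist, so present one generic failure message at the UI boundary.
 * - NOTE(review): the hashing scheme inside My_Auth_Salt is not visible
 *   here; confirm it is a deliberately slow password hash.
 *
 * @param string $username
 * @param string $password
 * @throws Exception with self::NOT_FOUND when no such user exists, or
 *                   self::WRONG_PW when the password does not match
 * @return Model_User
 */
public static function authenticate($username, $password)
{
    $user = Doctrine_Core::getTable('Model_User')->findOneByUsername($username);
    if (!$user) {
        throw new Exception(self::NOT_FOUND);
    }

    // Re-derive the hash with the salt string stored for this user.
    $salt = new My_Auth_Salt();
    $salt->setDynamicSaltString($user->saltstring);
    $salt->setPassword($password);

    $storedHash = (string) $user->password;
    $candidateHash = (string) $salt->getEncryptedPassword();

    // hash_equals() needs PHP >= 5.6; fall back to a strict string
    // comparison on older runtimes so type juggling is still ruled out.
    $matches = function_exists('hash_equals')
        ? hash_equals($storedHash, $candidateHash)
        : $storedHash === $candidateHash;

    if ($storedHash === '' || !$matches) {
        throw new Exception(self::WRONG_PW);
    }

    return $user;
}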
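/**
 * Change the password of the currently authenticated user.
 *
 * On GET the change-password form is only attached to the view. On POST the
 * submitted old password is verified against the stored hash; on success a
 * new salt string and hash are generated from the new password, saved, and
 * the client is redirected to /user/. On mismatch a message is set on the
 * view.
 *
 * Security notes:
 * - The old-password check compares the hashes as strings, in constant time
 *   where hash_equals() is available and with strict === otherwise. The
 *   previous loose == applied numeric-string juggling, so two different
 *   hashes that both look numeric could compare equal.
 * - NOTE(review): the form is built but isValid() is never called in this
 *   action, so none of its validators (including any CSRF hash element the
 *   ini file may define) are enforced, and 'oldpassword' / 'newpassword'
 *   reach My_Auth_Salt unvalidated. Confirm whether validation happens
 *   elsewhere.
 * - NOTE(review): assumes an access-control layer guarantees an
 *   authenticated identity before this action runs; getIdentity() is used
 *   without a hasIdentity() check.
 * - NOTE(review): no session renewal or invalidation of other sessions is
 *   visible after the password changes; confirm this is handled elsewhere.
 *
 * @return void
 */
public function changePasswordAction()
{
    $config = new Zend_Config_Ini(APPLICATION_PATH . '/forms/user.ini', 'change-password');
    $this->view->form = new Zend_Form($config->user);

    if (!$this->getRequest()->isPost()) {
        return;
    }

    $user = Zend_Auth::getInstance()->getIdentity();

    // Re-derive the hash of the submitted old password with the stored salt.
    $verifier = new My_Auth_Salt();
    $verifier->setDynamicSaltString($user->saltstring);
    $verifier->setPassword($this->_getParam('oldpassword'));

    $storedHash = (string) $user->password;
    $candidateHash = (string) $verifier->getEncryptedPassword();

    // hash_equals() needs PHP >= 5.6; fall back to a strict string
    // comparison on older runtimes so type juggling is still ruled out.
    $matches = function_exists('hash_equals')
        ? hash_equals($storedHash, $candidateHash)
        : $storedHash === $candidateHash;

    if ($storedHash === '' || !$matches) {
        $this->view->message = 'Old Password does not match!';
        return;
    }

    // A fresh My_Auth_Salt built from the new password supplies both the new
    // salt string and the new hash. The second constructor argument (40) is
    // presumably the salt length; confirm against My_Auth_Salt.
    $salt = new My_Auth_Salt($this->_getParam('newpassword'), 40);
    $user->saltstring = $salt->getDynamicSaltString();
    $user->password = $salt->getEncryptedPassword();
    $user->save();

    $this->_redirect('/user/');
}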