示例#1
 /**
  * Tests UserLoginData->resetPassword()
  *
  * Walks the reset flow on the fixture login-data object and checks, in order:
  * a reset without arguments sets the initial password; a reset with a wrong
  * or empty old password returns null and leaves the current password valid;
  * a reset with the right old password returns the new password and
  * invalidates the old one; passwordUsedBefore() reflects the history kept
  * under the partner's "num prev pass to keep" setting (3 here); and after the
  * resets the login-attempt counter and block time are cleared and a password
  * hash key is issued that UserLoginDataPeer::isHashKeyValid() maps back to
  * this login-data record.
  */
 public function testResetPassword()
 {
     $loginData = $this->UserLoginData;

     // Fresh fixture: no password hash key has been issued yet.
     $this->assertNull($loginData->getPasswordHashKey());
     $this->dummyPartner->setNumPrevPassToKeep(3);
     $this->dummyPartner->save();

     // Initial password: reset without supplying an old password.
     $firstPass = $loginData->resetPassword();
     $this->assertTrue($loginData->isPasswordValid($firstPass));

     // A wrong, null, empty or zero old password must not reset anything.
     $secondPass = uniqid();
     $rejectedOldPasswords = [uniqid(), null, '', 0];
     foreach ($rejectedOldPasswords as $rejectedOldPass) {
         $this->assertNull($loginData->resetPassword($secondPass, $rejectedOldPass));
     }

     // Correct old password: the new password is returned and the old one stops validating.
     $secondPassReturned = $loginData->resetPassword($secondPass, $firstPass);
     $this->assertEquals($secondPass, $secondPassReturned);
     $this->assertFalse($loginData->isPasswordValid($firstPass));
     $this->assertTrue($loginData->isPasswordValid($secondPass));

     // Dirty the lockout state so the later check [*] can see it being cleared.
     $loginData->setLoginAttempts(3);
     $loginData->setLoginBlockedUntil(time());
     $this->assertEquals(3, $loginData->getLoginAttempts());
     $this->assertNotNull($loginData->getLoginBlockedUntil());

     // Password history after the third password.
     $thirdPass = uniqid();
     $loginData->resetPassword($thirdPass, $secondPassReturned);
     $this->assertFalse($loginData->passwordUsedBefore($firstPass));
     $this->assertTrue($loginData->passwordUsedBefore($secondPass));
     $this->assertTrue($loginData->passwordUsedBefore($thirdPass));

     // Password history after the fourth and fifth passwords.
     $fourthPass = uniqid();
     $loginData->resetPassword($fourthPass, $thirdPass);
     $fifthPass = uniqid();
     $loginData->resetPassword($fifthPass, $fourthPass);
     $this->assertFalse($loginData->passwordUsedBefore($firstPass));
     $this->assertFalse($loginData->passwordUsedBefore($secondPass));
     $this->assertTrue($loginData->passwordUsedBefore($thirdPass));
     $this->assertTrue($loginData->passwordUsedBefore($fourthPass));
     $this->assertTrue($loginData->passwordUsedBefore($fifthPass));

     // [*] The successful resets must have cleared the lockout state and issued a hash key.
     $this->assertEquals(0, $loginData->getLoginAttempts());
     $this->assertNull($loginData->getLoginBlockedUntil());
     $hashKey = $loginData->getPasswordHashKey();
     $this->assertNotNull($hashKey);

     // The issued hash key must resolve back to this very login-data record.
     $resolvedLoginData = UserLoginDataPeer::isHashKeyValid($hashKey);
     $this->assertEquals($loginData->getId(), $resolvedLoginData->getId());
 }
示例#2
 /**
  * Authenticates a login-data record against a password and resolves the
  * kuser to log in for a partner.
  *
  * Flow: reject a missing login-data record; optionally verify the password
  * (tracking failed attempts and a temporary block); reject a still-blocked
  * account even on a correct password; reset the attempt counter; reject an
  * expired password; resolve the partner (explicit argument, else the last
  * login partner); look up the kuser for that partner and, when no specific
  * partner was requested and that kuser/partner is unusable, fall back to the
  * first valid kuser; finally record the last-login partner/time.
  *
  * NOTE(review): the signature declares `UserLoginData $loginData = null`
  * before the required `$password`. The default can never be used (a later
  * parameter is required); it only makes the parameter nullable. PHP 8.4
  * deprecates this implicit-nullable form; on PHP >= 7.1 `?UserLoginData
  * $loginData` expresses the same thing explicitly.
  *
  * @param UserLoginData|null $loginData   record to authenticate; null raises LOGIN_DATA_NOT_FOUND
  * @param mixed              $password    value handed to $loginData->isPasswordValid() (type not declared here)
  * @param mixed              $partnerId   partner to log in to; falsy means "use the last login partner"
  * @param bool               $validatePassword when false the password check (and attempt tracking) is skipped
  * @return mixed kuser as returned by kuserPeer::getByLoginDataAndPartner() or self::findFirstValidKuser()
  * @throws kUserException with one of: LOGIN_DATA_NOT_FOUND, LOGIN_BLOCKED,
  *         LOGIN_RETRIES_EXCEEDED, WRONG_PASSWORD, PASSWORD_EXPIRED,
  *         INVALID_PARTNER, USER_IS_BLOCKED, USER_NOT_FOUND
  */
 private static function userLogin(UserLoginData $loginData = null, $password, $partnerId = null, $validatePassword = true)
 {
     // Remember whether the caller named a partner explicitly; $partnerId itself may be
     // overwritten with the last-login partner further down.
     $requestedPartner = $partnerId;
     if (!$loginData) {
         throw new kUserException('', kUserException::LOGIN_DATA_NOT_FOUND);
     }
     // check if password is valid
     if ($validatePassword && !$loginData->isPasswordValid($password)) {
         // Wrong password while a block is active: report the block and do not
         // touch the attempt counter. The null format argument is compared with
         // time(), so it is assumed to yield a unix timestamp — confirm against the getter.
         if (time() < $loginData->getLoginBlockedUntil(null)) {
             throw new kUserException('', kUserException::LOGIN_BLOCKED);
         }
         // This failure reaches the configured maximum: start a block of
         // getLoginBlockPeriod() seconds, restart the counter, and persist before throwing.
         if ($loginData->getLoginAttempts() + 1 >= $loginData->getMaxLoginAttempts()) {
             $loginData->setLoginBlockedUntil(time() + $loginData->getLoginBlockPeriod());
             $loginData->setLoginAttempts(0);
             $loginData->save();
             throw new kUserException('', kUserException::LOGIN_RETRIES_EXCEEDED);
         }
         // Ordinary failure: count it and persist before throwing.
         $loginData->incLoginAttempts();
         $loginData->save();
         throw new kUserException('', kUserException::WRONG_PASSWORD);
     }
     // A correct (or unvalidated) password does not lift an active block; the
     // attempt counter is left as-is in that case.
     if (time() < $loginData->getLoginBlockedUntil(null)) {
         throw new kUserException('', kUserException::LOGIN_BLOCKED);
     }
     // Successful authentication clears the failed-attempt counter.
     $loginData->setLoginAttempts(0);
     $loginData->save();
     // Password age check: only enforced when an update timestamp exists.
     $passUpdatedAt = $loginData->getPasswordUpdatedAt(null);
     if ($passUpdatedAt && time() > $passUpdatedAt + $loginData->getPassReplaceFreq()) {
         throw new kUserException('', kUserException::PASSWORD_EXPIRED);
     }
     // No partner named by the caller: fall back to the one used at the last login.
     if (!$partnerId) {
         $partnerId = $loginData->getLastLoginPartnerId();
     }
     if (!$partnerId) {
         throw new kUserException('', kUserException::INVALID_PARTNER);
     }
     $partner = PartnerPeer::retrieveByPK($partnerId);
     $kuser = kuserPeer::getByLoginDataAndPartner($loginData->getId(), $partnerId);
     // Partner or kuser missing / not active (note: loose `!=` comparisons on the status values).
     if (!$kuser || $kuser->getStatus() != KuserStatus::ACTIVE || !$partner || $partner->getStatus() != Partner::PARTNER_STATUS_ACTIVE) {
         // if a specific partner was requested - throw error
         if ($requestedPartner) {
             if ($partner && $partner->getStatus() != Partner::PARTNER_STATUS_ACTIVE) {
                 throw new kUserException('', kUserException::USER_IS_BLOCKED);
             } else {
                 if ($kuser && $kuser->getStatus() == KuserStatus::BLOCKED) {
                     throw new kUserException('', kUserException::USER_IS_BLOCKED);
                 } else {
                     throw new kUserException('', kUserException::USER_NOT_FOUND);
                 }
             }
         }
         // if kuser was found, keep status for following exception message
         $kuserStatus = $kuser ? $kuser->getStatus() : null;
         // if no specific partner was requested, but last logged in partner is not available, login to first found partner
         // (the assignment to null below is immediately overwritten and has no effect)
         $kuser = null;
         // NOTE(review): $partnerId here is the last-login partner; presumably the
         // second argument tells findFirstValidKuser which partner to skip — verify.
         $kuser = self::findFirstValidKuser($loginData->getId(), $partnerId);
         if (!$kuser) {
             // Distinguish "blocked at the last partner" from "no usable kuser anywhere".
             if ($kuserStatus === KuserStatus::BLOCKED) {
                 throw new kUserException('', kUserException::USER_IS_BLOCKED);
             }
             throw new kUserException('', kUserException::USER_NOT_FOUND);
         }
     }
     // Remember the partner for admin users, unless the partner id is listed in the
     // 'no_save_of_last_login_partner_for_partner_ids' config.
     // NOTE(review): in_array() is non-strict here; whether that is intended depends on
     // the id types in that config entry — confirm before tightening.
     if ($kuser->getIsAdmin() && !in_array($kuser->getPartnerId(), kConf::get('no_save_of_last_login_partner_for_partner_ids'))) {
         $loginData->setLastLoginPartnerId($kuser->getPartnerId());
     }
     $loginData->save();
     // Record the login time on the resolved kuser.
     $kuser->setLastLoginTime(time());
     $kuser->save();
     return $kuser;
 }