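/**
 * Changes the password of the user identified by $userId.
 *
 * The current password must verify against the stored hash before the hash of the
 * new password is written to the row.
 *
 * @param mixed $userId value matched against self::COLUMN_ID
 * @param string $oldPassword current password as entered by the user
 * @param string $newPassword replacement password as entered by the user
 * @return void
 * @throws Nette\Security\AuthenticationException with code IDENTITY_NOT_FOUND when no row
 *         matches $userId, or INVALID_CREDENTIAL when $oldPassword does not verify
 */
public function changePassword($userId, $oldPassword, $newPassword)
{
    // Both values are normalised by removeCapsLock() before use, so the stored hash is the
    // hash of the normalised new password.
    // NOTE(review): the login path presumably has to apply the same normalisation, otherwise
    // a password typed with Caps Lock on would be changed here but fail at login - confirm.
    $oldPassword = self::removeCapsLock($oldPassword);
    $newPassword = self::removeCapsLock($newPassword);

    $row = $this->database->table(self::TABLE_NAME)->where(self::COLUMN_ID, $userId)->fetch();

    if (!$row) {
        throw new Nette\Security\AuthenticationException('Při změně hesla došlo k chybě.', self::IDENTITY_NOT_FOUND);
    }

    // Re-authenticate with the current password so that a hijacked session alone is not
    // enough to take over the account.
    if (!Passwords::verify($oldPassword, $row[self::COLUMN_PASSWORD_HASH])) {
        throw new Nette\Security\AuthenticationException('Zadané staré heslo je neplatné.', self::INVALID_CREDENTIAL);
    }

    // No needsRehash() step here: the old hash is replaced right below, so re-hashing the old
    // password first only cost an extra hash computation and an extra UPDATE.
    // NOTE(review): no length or strength check is applied to $newPassword in this method;
    // presumably the calling form enforces the password policy - confirm.
    $row->update(array(self::COLUMN_PASSWORD_HASH => Passwords::hash($newPassword)));
}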
/**
 * Authenticates a user from a [username, password] pair.
 *
 * The row is looked up by self::COLUMN_NAME and the password is verified against the stored
 * hash. When the stored hash needs rehashing, it is replaced with a fresh hash of the password
 * that has just been verified.
 *
 * Security note: the exception message and code differ for "unknown username" and "wrong
 * password". Callers that show the message to the visitor reveal which usernames exist; a
 * login form should normally display one generic failure message for both cases.
 *
 * @param array $credentials username at index 0, password at index 1
 * @return Nette\Security\Identity identity built from the row, without the password hash
 * @throws Nette\Security\AuthenticationException
 */
public function authenticate(array $credentials)
{
    list($username, $password) = $credentials;

    $row = $this->database
        ->table(self::TABLE_NAME)
        ->where(self::COLUMN_NAME, $username)
        ->fetch();

    if (!$row) {
        throw new Nette\Security\AuthenticationException('The username is incorrect.', self::IDENTITY_NOT_FOUND);
    }

    $storedHash = $row[self::COLUMN_PASSWORD_HASH];

    if (!Passwords::verify($password, $storedHash)) {
        throw new Nette\Security\AuthenticationException('The password is incorrect.', self::INVALID_CREDENTIAL);
    }

    // Transparent upgrade: the plaintext is only available at login time, so this is the
    // moment to replace a hash that no longer meets the current hashing parameters.
    if (Passwords::needsRehash($storedHash)) {
        $row->update(array(self::COLUMN_PASSWORD_HASH => Passwords::hash($password)));
    }

    // Every column except the password hash becomes identity data.
    $identityData = $row->toArray();
    unset($identityData[self::COLUMN_PASSWORD_HASH]);

    return new Nette\Security\Identity($row[self::COLUMN_ID], $row[self::COLUMN_ROLE], $identityData);
}
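/**
 * Authenticates a user from a [login, password] pair.
 *
 * Only rows whose self::AUTH_SERVICE column equals "songator" are considered. The login value
 * is matched against either self::COLUMN_NAME or self::COLUMN_EMAIL; it is passed through `?`
 * placeholders rather than concatenated into the condition.
 *
 * Security note: the exception message and code differ for "unknown login" and "wrong
 * password". Callers that show the message to the visitor reveal which accounts exist; a
 * login form should normally display one generic failure message for both cases.
 *
 * @param array $credentials login (username or e-mail) at index 0, password at index 1
 * @return Nette\Security\Identity identity built from the row, without the password hash
 * @throws Nette\Security\AuthenticationException with code IDENTITY_NOT_FOUND when no row
 *         matches, or INVALID_CREDENTIAL when the password does not verify
 */
public function authenticate(array $credentials)
{
    list($username, $password) = $credentials;

    $row = $this->database->table(self::TABLE_NAME)
        ->where(self::AUTH_SERVICE, "songator")
        ->where(self::COLUMN_NAME . ' = ? OR ' . self::COLUMN_EMAIL . ' = ?', $username, $username)
        ->fetch();

    // The unused Passwords::hash($password) call and the commented-out dump() of the hash were
    // debugging leftovers: the result was never read, it cost a full password hash on every
    // attempt, and re-enabling the dump would have printed password hashes to the output.

    if (!$row) {
        throw new Nette\Security\AuthenticationException('Uživatelské jméno nebo email nejsou platné', self::IDENTITY_NOT_FOUND);
    } elseif (!Passwords::verify($password, $row[self::COLUMN_PASSWORD_HASH])) {
        throw new Nette\Security\AuthenticationException('Neplatné heslo', self::INVALID_CREDENTIAL);
    } elseif (Passwords::needsRehash($row[self::COLUMN_PASSWORD_HASH])) {
        // Transparent upgrade of an outdated hash while the verified plaintext is available.
        $row->update(array(self::COLUMN_PASSWORD_HASH => Passwords::hash($password)));
    }

    // Every column except the password hash becomes identity data.
    // NOTE(review): if the table holds other sensitive columns, they end up in the identity
    // as well - confirm against the schema.
    $arr = $row->toArray();
    unset($arr[self::COLUMN_PASSWORD_HASH]);

    return new Nette\Security\Identity($row[self::COLUMN_ID], $row[self::COLUMN_ROLE], $arr);
}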