public function testVerifyPasswordHash()
{
$password = '******';
$prefix = Blowfish::getPrefix();
$crypt = new PasswordLib();
$test = $crypt->createPasswordHash($password, $prefix);
$this->assertTrue($crypt->verifyPasswordHash($password, $test));
}
/**
* Hash user passwords on save.
*
* @param Entity\Users $usersEntity
*/
protected function passwordHash(Entity\Users $usersEntity)
{
if ($usersEntity->getShadowSave()) {
return;
} elseif ($usersEntity->getPassword() && $usersEntity->getPassword() !== '**dontchange**') {
$crypt = new PasswordLib();
$usersEntity->setPassword($crypt->createPasswordHash($usersEntity->getPassword(), '$2a$', ['cost' => $this->hashStrength]));
} else {
unset($usersEntity->password);
}
}
/**
* Sends email with password request. Accepts email or username.
*
* @param string $username
* @param string $remoteIP
*
* @return boolean
*/
public function resetPasswordRequest($username, $remoteIP)
{
$userEntity = $this->app['storage']->getRepository('Bolt\\Storage\\Entity\\Users')->getUser($username);
if (!$userEntity) {
// For safety, this is the message we display, regardless of whether user exists.
$this->app['logger.flash']->info(Trans::__("A password reset link has been sent to '%user%'.", ['%user%' => $username]));
return false;
}
// Generate shadow password and hash
$crypt = new PasswordLib();
$cost = $this->app['access_control.hash.strength'];
$shadowPassword = $this->app['randomgenerator']->generateString(12);
$shadowPasswordHash = $crypt->createPasswordHash($shadowPassword, '$2a$', ['cost' => $cost]);
// Generate shadow token and hash
$shadowToken = $this->app['randomgenerator']->generateString(32);
$shadowTokenHash = md5($shadowToken . '-' . str_replace('.', '-', $remoteIP));
// Set the shadow password and related stuff in the database.
$userEntity->setShadowpassword($shadowPasswordHash);
$userEntity->setShadowtoken($shadowTokenHash);
$userEntity->setShadowvalidity(Carbon::create()->addHours(2));
$this->app['storage']->getRepository('Bolt\\Storage\\Entity\\Users')->save($userEntity);
$mailoptions = $this->app['config']->get('general/mailoptions');
// PHP 5.4 compatibility
if (empty($mailoptions)) {
$this->app['logger.flash']->error(Trans::__("The email configuration setting 'mailoptions' hasn't been set. Bolt may be unable to send password reset."));
}
// Sent the password reset notification
$this->resetPasswordNotification($userEntity, $shadowPassword, $shadowToken);
return true;
}
