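Checks the password hash length. Used as a sanity check only: a value of the expected length is not thereby shown to be a valid hash or to match any user's password.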
public static checkPasswordHash ( string $passwordHash, string $exceptionMessage )
$passwordHash | string | The password hash to check. |
$exceptionMessage | string | Message of the exception thrown. |
/**
 * Stores the password hash used when authenticating.
 *
 * Passing null clears the stored hash and skips validation. Any other value
 * is first handed to UsersManager::checkPasswordHash(); it is only stored if
 * that check does not throw.
 *
 * The check is a sanity check on the shape of the value. It does not verify
 * that the hash belongs to any user.
 *
 * @param string|null $passwordHash The password hash, or null to clear it.
 * @throws Exception if UsersManager::checkPasswordHash() rejects the hash.
 */
public function setPasswordHash($passwordHash)
{
    if ($passwordHash !== null) {
        // Reject obviously malformed hashes before they reach the auth state.
        $expectedHashMessage = Piwik::translate('Login_ExceptionPasswordMD5HashExpected');
        UsersManager::checkPasswordHash($passwordHash, $expectedHashMessage);
    }

    // Reached with null (clear) or with a hash that passed the check.
    $this->hashedPassword = $passwordHash;
}
/**
 * Sanity-checks the password hash read back from the Option table before the
 * reset-password process is finished.
 *
 * Writing an obviously malformed hash as a user's password would keep that
 * user from logging in again, so such values are rejected here. This is a
 * format check only: it delegates to UsersManager::checkPasswordHash() and
 * does not establish where the stored value came from.
 *
 * Derived classes can override this method to provide fewer or more checks.
 *
 * @param string $passwordHash The password hash to check.
 * @throws Exception if the password hash length is incorrect.
 */
protected function checkPasswordHash($passwordHash)
{
    $malformedHashMessage = Piwik::translate('Login_ExceptionPasswordMD5HashExpected');

    UsersManager::checkPasswordHash($passwordHash, $malformedHashMessage);
}
/**
 * Derives the auth token for a login from the login name and password hash.
 *
 * The token is md5($userLogin . $md5Password) and nothing else: no salt, key,
 * or random component is mixed in.
 *
 * NOTE(review): because the token is fully determined by its two inputs, it
 * changes only when the login or the password hash changes, and anyone who
 * holds the password hash passed here can recompute it. Treat the password
 * hash and the token as equivalent secrets when storing or logging either.
 *
 * @param string $userLogin Login
 * @param string $md5Password hashed string of the password (using current hash function; MD5-named for historical reasons)
 * @return string 32-character hexadecimal MD5 digest.
 * @throws Exception if UsersManager::checkPasswordHash() rejects $md5Password.
 */
public function getTokenAuth($userLogin, $md5Password)
{
    // Refuse malformed hashes up front so no token is derived from them.
    $expectedHashMessage = Piwik::translate('UsersManager_ExceptionPasswordMD5HashExpected');
    UsersManager::checkPasswordHash($md5Password, $expectedHashMessage);

    $tokenMaterial = $userLogin . $md5Password;

    return md5($tokenMaterial);
}
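/**
 * Returns the user's API token.
 *
 * If the username/password combination is incorrect an invalid token will be
 * returned instead of an error. That includes a login for which no user
 * record is found.
 *
 * On a successful match the stored password hash is upgraded in passing when
 * the password helper reports that it needs rehashing.
 *
 * @param string $userLogin Login
 * @param string $md5Password hashed string of the password (using current hash function; MD5-named for historical reasons)
 * @return string The stored token_auth on success, otherwise a throwaway MD5 string.
 * @throws Exception if UsersManager::checkPasswordHash() rejects $md5Password.
 */
public function getTokenAuth($userLogin, $md5Password)
{
    // Sanity-check the shape of the supplied hash before touching the user store.
    UsersManager::checkPasswordHash($md5Password, Piwik::translate('UsersManager_ExceptionPasswordMD5HashExpected'));

    $user = $this->model->getUser($userLogin);

    // An unknown login must take the same "invalid token" exit as a wrong
    // password. Without the empty() guard, $user['password'] would be read
    // from a missing record and passed to verify().
    // NOTE(review): the unknown-login path skips verify(), so it may respond
    // faster than the wrong-password path. Confirm whether callers rate-limit
    // or otherwise make that difference unobservable.
    if (empty($user) || !$this->password->verify($md5Password, $user['password'])) {
        // Throwaway value built from the login, the current time and
        // Common::generateUniqId(). Presumably it never matches a stored
        // token_auth (confirm against callers).
        return md5($userLogin . microtime(true) . Common::generateUniqId());
    }

    // The credentials were just verified, so the supplied hash is safe to
    // re-hash and persist through updateUser().
    if ($this->password->needsRehash($user['password'])) {
        $this->updateUser($userLogin, $this->password->hash($md5Password));
    }

    return $user['token_auth'];
}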