public static function setUpBeforeClass() { parent::setUpBeforeClass(); \Rhubarb\Crown\Encryption\HashProvider::SetHashProviderClassName("Rhubarb\\Crown\\Encryption\\Sha512HashProvider"); $user = new \Rhubarb\Stem\Tests\Fixtures\User(); $user->Username = "******"; $user->Password = '******'; $user->Active = false; $user->save(); $user = new \Rhubarb\Stem\Tests\Fixtures\User(); $user->Username = "******"; $user->Password = '******'; $user->Active = true; // This secret property is used to test the model object is returned correctly. $user->SecretProperty = "111222"; $user->save(); // This rogue entry is to make sure that we can't login with no username // even if there happens to be someone with no username. $user = new \Rhubarb\Stem\Tests\Fixtures\User(); $user->Username = ""; $user->Password = ""; $user->save(); }
public function login($username, $password) { // We don't allow spaces around our usernames and passwords $username = trim($username); $password = trim($password); if ($username == "") { throw new LoginFailedException(); } $list = new Collection($this->modelClassName); $list->filter(new Equals($this->usernameColumnName, $username)); if (!sizeof($list)) { throw new LoginFailedException(); } $hashProvider = HashProvider::getHashProvider(); // There should only be one user matching the username. It would be possible to support // unique *combinations* of username and password but it's a potential security issue and // could trip us up when supporting the project. if (sizeof($list) > 1) { throw new LoginFailedException(); } $user = $list[0]; $this->checkUserIsPermitted($user); // Test the password matches. $userPasswordHash = $user[$this->passwordColumnName]; if ($hashProvider->compareHash($password, $userPasswordHash)) { // Matching login - but is it enabled? if ($this->isModelActive($user)) { $this->LoggedIn = true; $this->LoggedInUserIdentifier = $user->getUniqueIdentifier(); $this->storeSession(); return true; } else { throw new LoginDisabledException(); } } throw new LoginFailedException(); }
protected function registerDependantModules() { Module::registerModule(new LayoutModule('\\Project\\Liberty\\Layouts\\DefaultLayout')); HashProvider::setHashProviderClassName('Rhubarb\\Crown\\Encryption\\Sha512HashProvider'); }
protected function registerDependantModules() { Module::registerModule(new LayoutModule('\\Your\\WebApp\\Layouts\\DefaultLayout')); Module::registerModule(new AuthenticationWithRolesModule(CustomLoginProvider::class)); HashProvider::setHashProviderClassName('Rhubarb\\Crown\\Encryption\\Sha512HashProvider'); }