public function testValidateAutoLoginToken()
 {
     $enc = new PasswordEncryptor_Blowfish();
     $m1 = new Member();
     $m1->PasswordEncryption = 'blowfish';
     $m1->Salt = $enc->salt('123');
     $m1Token = $m1->generateAutologinTokenAndStoreHash();
     $m2 = new Member();
     $m2->PasswordEncryption = 'blowfish';
     $m2->Salt = $enc->salt('456');
     $m2Token = $m2->generateAutologinTokenAndStoreHash();
     $this->assertTrue($m1->validateAutoLoginToken($m1Token), 'Passes token validity test against matching member.');
     $this->assertFalse($m2->validateAutoLoginToken($m1Token), 'Fails token validity test against other member.');
 }
 public function testEncryptorBlowfish()
 {
     Config::inst()->update('SilverStripe\\Security\\PasswordEncryptor', 'encryptors', ['test_blowfish' => ['SilverStripe\\Security\\PasswordEncryptor_Blowfish' => '']]);
     $e = PasswordEncryptor::create_for_algorithm('test_blowfish');
     $password = '******';
     $salt = $e->salt($password);
     $modSalt = substr($salt, 0, 3) . str_shuffle(substr($salt, 3, strlen($salt)));
     $this->assertTrue($e->checkAEncryptionLevel() == 'y' || $e->checkAEncryptionLevel() == 'x' || $e->checkAEncryptionLevel() == 'a');
     $this->assertTrue($e->check($e->encrypt($password, $salt), "mypassword", $salt));
     $this->assertFalse($e->check($e->encrypt($password, $salt), "anotherpw", $salt));
     $this->assertFalse($e->check($e->encrypt($password, $salt), "mypassword", $modSalt));
     PasswordEncryptor_Blowfish::set_cost(1);
     $salt = $e->salt($password);
     $modSalt = substr($salt, 0, 3) . str_shuffle(substr($salt, 3, strlen($salt)));
     $this->assertNotEquals(1, PasswordEncryptor_Blowfish::get_cost());
     $this->assertEquals(4, PasswordEncryptor_Blowfish::get_cost());
     $this->assertTrue($e->check($e->encrypt($password, $salt), "mypassword", $salt));
     $this->assertFalse($e->check($e->encrypt($password, $salt), "anotherpw", $salt));
     $this->assertFalse($e->check($e->encrypt($password, $salt), "mypassword", $modSalt));
     PasswordEncryptor_Blowfish::set_cost(11);
     $salt = $e->salt($password);
     $modSalt = substr($salt, 0, 3) . str_shuffle(substr($salt, 3, strlen($salt)));
     $this->assertEquals(11, PasswordEncryptor_Blowfish::get_cost());
     $this->assertTrue($e->check($e->encrypt($password, $salt), "mypassword", $salt));
     $this->assertFalse($e->check($e->encrypt($password, $salt), "anotherpw", $salt));
     $this->assertFalse($e->check($e->encrypt($password, $salt), "mypassword", $modSalt));
     PasswordEncryptor_Blowfish::set_cost(35);
     $this->assertNotEquals(35, PasswordEncryptor_Blowfish::get_cost());
     $this->assertEquals(31, PasswordEncryptor_Blowfish::get_cost());
     //Don't actually test this one. It takes too long. 31 takes too long to process
 }