/** * @param \TYPO3\FLOW3\Security\Account $account * @param array $password * @FLOW3\Validate(argumentName="password", type="\TYPO3\TYPO3\Validation\Validator\PasswordValidator", options={ "allowEmpty"=1, "minimum"=1, "maximum"=255 }) * @return void * @todo Handle validation errors for account (accountIdentifier) & check if there's another account with the same accountIdentifier when changing it * @todo Security */ public function updateAction(\TYPO3\FLOW3\Security\Account $account, array $password = array()) { $password = array_shift($password); if (strlen(trim(strval($password))) > 0) { $account->setCredentialsSource($this->hashService->hashPassword($password, 'default')); } $this->accountRepository->update($account); $this->partyRepository->update($account->getParty()); $this->addFlashMessage('The user profile has been updated.'); $this->redirect('index'); }
/** * Creates a new account and sets the given password and roles * * @param string $identifier Identifier of the account, must be unique * @param string $password The clear text password * @param array $roleIdentifiers Optionally an array of role identifiers to assign to the new account * @param string $authenticationProviderName Optional name of the authentication provider the account is affiliated with * @param string $passwordHashingStrategy Optional password hashing strategy to use for the password * @return \TYPO3\FLOW3\Security\Account A new account, not yet added to the account repository */ public function createAccountWithPassword($identifier, $password, $roleIdentifiers = array(), $authenticationProviderName = 'DefaultProvider', $passwordHashingStrategy = 'default') { $roles = array(); foreach ($roleIdentifiers as $roleIdentifier) { $roles[] = new \TYPO3\FLOW3\Security\Policy\Role($roleIdentifier); } $account = new \TYPO3\FLOW3\Security\Account(); $account->setAccountIdentifier($identifier); $account->setCredentialsSource($this->hashService->hashPassword($password, $passwordHashingStrategy)); $account->setAuthenticationProviderName($authenticationProviderName); $account->setRoles($roles); return $account; }
/** * Set a new password for the given user * * This allows for setting a new password for an existing user account. * * @param string $username Username of the account to modify * @param string $password The new password * @return void */ public function setPasswordCommand($username, $password) { $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, 'Typo3BackendProvider'); if (!$account instanceof \TYPO3\FLOW3\Security\Account) { $this->outputLine('User "%s" does not exists.', array($username)); $this->quit(1); } $account->setCredentialsSource($this->hashService->hashPassword($password, 'default')); $this->accountRepository->update($account); $this->outputLine('The new password for user "%s" was set.', array($username)); }
/** * @test */ public function hashPasswordWillIncludeStrategyIdentifierInHashedPassword() { $settings = array('security' => array('cryptography' => array('hashingStrategies' => array('TestStrategy' => 'TYPO3\\FLOW3\\Test\\TestStrategy')))); $this->hashService->injectSettings($settings); $mockStrategy = $this->getMock('TYPO3\\FLOW3\\Security\\Cryptography\\PasswordHashingStrategyInterface'); $mockStrategy->expects($this->any())->method('hashPassword')->will($this->returnValue('---hashed-password---')); $mockObjectManager = $this->getMock('TYPO3\\FLOW3\\Object\\ObjectManagerInterface'); $mockObjectManager->expects($this->any())->method('get')->will($this->returnValue($mockStrategy)); \TYPO3\FLOW3\Reflection\ObjectAccess::setProperty($this->hashService, 'objectManager', $mockObjectManager, TRUE); $result = $this->hashService->hashPassword('myTestPassword', 'TestStrategy'); $this->assertEquals('TestStrategy=>---hashed-password---', $result); }
/** * Persists a key to the file system * * @param string $name * @param string $password * @return void * @throws \TYPO3\FLOW3\Security\Exception */ protected function persistKey($name, $password) { $hashedPassword = $this->hashService->hashPassword($password, $this->passwordHashingStrategy); $keyPathAndFilename = $this->getKeyPathAndFilename($name); if (!is_dir($this->getPath())) { Files::createDirectoryRecursively($this->getPath()); } $result = file_put_contents($keyPathAndFilename, $hashedPassword); if ($result === FALSE) { throw new \TYPO3\FLOW3\Security\Exception(sprintf('The key could not be stored ("%s").', $keyPathAndFilename), 1305812921); } }
/** * @param string $password */ public function setPassword($password) { $account = $this->getPrimaryAccount(); $account->setCredentialsSource($this->hashService->hashPassword($password)); }