Bolt\AccessControl\Password::resetPasswordConfirm PHP Méthode

resetPasswordConfirm() public méthode

Handle a password reset confirmation.
public resetPasswordConfirm ( string $token, string $remoteIP, Symfony\Component\EventDispatcher\Event $event ) : boolean
$token string
$remoteIP string
$event Symfony\Component\EventDispatcher\Event
Résultat boolean
    /**
     * Handle a password reset confirmation.
     *
     * The supplied token is joined with the caller's IP address (dots replaced
     * by dashes) and MD5-hashed; that digest is the key looked up through the
     * users repository. On a match the shadow password becomes the live
     * password and every shadow field is cleared, so the token is single-use.
     *
     * NOTE(review): MD5 is a fast digest and no salt or key is mixed in here,
     * which makes it a poor fit for protecting reset secrets. The digest must
     * equal whatever was stored when the reset was requested (not visible
     * here), so a stronger construction has to be introduced on both sides
     * at the same time.
     *
     * NOTE(review): the token is bound to $remoteIP. Confirm that callers pass
     * the real client address; behind a reverse proxy or NAT the binding may
     * be weaker than intended or may reject legitimate users.
     *
     * @param string $token    Reset token as presented by the caller.
     * @param string $remoteIP IP address of the remote caller.
     * @param Event  $event    Event handed to the dispatcher for the outcome.
     *
     * @return boolean True when the reset was applied, false otherwise.
     */
    public function resetPasswordConfirm($token, $remoteIP, Event $event)
    {
        // Lookup key: md5("<token>-<ip with dots turned into dashes>").
        $dashedIp = str_replace('.', '-', $remoteIP);
        $hashedToken = md5($token . '-' . $dashedIp);

        /** @var UsersRepository $users */
        $users = $this->app['storage']->getRepository('Bolt\\Storage\\Entity\\Users');
        $user = $users->getUserShadowAuth($hashedToken);

        if (!$user) {
            // Nothing matched the digest: the token was not valid, arrived too
            // late, or came from a different IP than the one it was issued for.
            // NOTE(review): this entry records neither the remote IP nor the
            // presented token's target, so repeated failures are hard to
            // correlate from the system log alone.
            $this->app['logger.system']->error('Somebody tried to reset a password with an invalid token.', ['event' => 'authentication']);
            $this->app['logger.flash']->error(Trans::__('general.access-control.reset-failed'));
            $this->app['dispatcher']->dispatch(AccessControlEvents::RESET_FAILURE, $event);

            return false;
        }

        // Promote the pending (shadow) password to the live one.
        // presumably the shadow value is already a password hash - verify
        // against the code that handles the reset request.
        $authData = $users->getUserAuthData($user->getId());
        $user->setPassword($authData->getShadowpassword());

        // Wipe all shadow fields so the same token cannot be confirmed twice.
        $user->setShadowpassword(null);
        $user->setShadowtoken(null);
        $user->setShadowvalidity(null);
        $this->app['storage']->getRepository('Bolt\\Storage\\Entity\\Users')->save($user);

        // Replace any pending flash messages with the success notice.
        $this->app['logger.flash']->clear();
        $this->app['logger.flash']->success(Trans::__('general.access-control.reset-successful'));
        $this->app['dispatcher']->dispatch(AccessControlEvents::RESET_SUCCESS, $event);

        return true;
    }

Usage Example

Exemple #1
 /**
  * A confirmation whose token does not correspond to the stored shadow token
  * must return false and report the attempt to the system logger.
  */
 public function testResetPasswordConfirmInvalidToken()
 {
     $app = $this->getApp();
     $this->addDefaultUser($app);
     $users = $app['storage']->getRepository('Bolt\\Storage\\Entity\\Users');

     // Swap in a mocked system logger so the failure message can be asserted.
     $systemLog = $this->getMock('\\Monolog\\Logger', ['error'], ['testlogger']);
     $systemLog
         ->expects($this->atLeastOnce())
         ->method('error')
         ->with($this->equalTo('Somebody tried to reset a password with an invalid token.'));
     $app['logger.system'] = $systemLog;

     // A fresh random token that was never stored for any user.
     $presentedToken = $app['randomgenerator']->generateString(32);

     // Give the admin a pending reset whose stored token is an arbitrary
     // string and whose validity lies two hours ahead, so the rejection
     // is not caused by an expired validity timestamp.
     $admin = $users->getUser('admin');
     $admin->setShadowpassword('hash-my-password');
     $admin->setShadowtoken('this should not work');
     $admin->setShadowvalidity(Carbon::create()->addHours(2));
     $users->save($admin);

     $event = new AccessControlEvent(Request::createFromGlobals());
     $password = new Password($app);

     $this->assertFalse($password->resetPasswordConfirm($presentedToken, '8.8.8.8', $event));
 }