Neos\Flow\Security\Authentication\Provider\PersistedUsernamePasswordProvider::authenticate PHP Метод

authenticate() публичный Метод

Checks the given token for validity and sets the token authentication status accordingly (success, wrong credentials or no credentials given).
public authenticate ( Neos\Flow\Security\Authentication\TokenInterface $authenticationToken ) : void
$authenticationToken Neos\Flow\Security\Authentication\TokenInterface The token to be authenticated
Результат void
    /**
     * Authenticates a username/password token against the persisted accounts.
     *
     * Status transitions performed on the token:
     *  - NO_CREDENTIALS_GIVEN: set on entry unless the token is already
     *    AUTHENTICATION_SUCCESSFUL; it stays if username or password is missing.
     *  - WRONG_CREDENTIALS: set as soon as both credentials are present, and kept
     *    for an unknown account as well as for a wrong password, so the token
     *    status alone does not tell the two cases apart.
     *  - AUTHENTICATION_SUCCESSFUL: set only after the password validated against
     *    the account's stored credentials source; the account is then attached.
     *
     * @param TokenInterface $authenticationToken The token to be authenticated
     * @return void
     * @throws UnsupportedAuthenticationTokenException if the token is not a UsernamePassword token
     */
    public function authenticate(TokenInterface $authenticationToken)
    {
        if (($authenticationToken instanceof UsernamePassword) === false) {
            throw new UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1217339840);
        }

        $credentials = $authenticationToken->getCredentials();

        // A token that is already authenticated keeps its status; anything else
        // starts from "no credentials" until proven otherwise.
        $alreadyAuthenticated = $authenticationToken->getAuthenticationStatus() === TokenInterface::AUTHENTICATION_SUCCESSFUL;
        if (!$alreadyAuthenticated) {
            $authenticationToken->setAuthenticationStatus(TokenInterface::NO_CREDENTIALS_GIVEN);
        }

        $hasBothCredentials = is_array($credentials) && isset($credentials['username'], $credentials['password']);
        if (!$hasBothCredentials) {
            return;
        }

        // The account lookup is executed inside withoutAuthorizationChecks(),
        // since nobody is authenticated yet at this point.
        /** @var Account|null $account */
        $account = null;
        $repository = $this->accountRepository;
        $nameOfProvider = $this->name;
        $this->securityContext->withoutAuthorizationChecks(function () use ($credentials, $nameOfProvider, $repository, &$account) {
            $account = $repository->findActiveByAccountIdentifierAndAuthenticationProviderName($credentials['username'], $nameOfProvider);
        });

        // From here on the attempt counts as failed unless the password check passes.
        $authenticationToken->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS);

        if ($account === null) {
            // No such active account: still run a password validation against a
            // fixed placeholder hash so that the response time does not reveal
            // whether the username exists. Do not remove or short-circuit this call.
            // NOTE(review): this only equalises timing if the hash service really
            // performs the full-cost computation on this placeholder and real
            // accounts are hashed with a comparable strategy and cost - confirm
            // against the configured hashing strategy.
            $this->hashService->validatePassword($credentials['password'], 'bcrypt=>$2a$14$DummySaltToPreventTim,.ingAttacksOnThisProvider');
            return;
        }

        $passwordIsValid = $this->hashService->validatePassword($credentials['password'], $account->getCredentialsSource());
        if ($passwordIsValid) {
            $account->authenticationAttempted(TokenInterface::AUTHENTICATION_SUCCESSFUL);
            $authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL);
            $authenticationToken->setAccount($account);
        } else {
            // Only existing accounts record a failed attempt; unknown usernames
            // returned above without touching any account.
            $account->authenticationAttempted(TokenInterface::WRONG_CREDENTIALS);
        }

        // Store the outcome of the attempt on the account in both cases.
        // NOTE(review): whitelistObject() presumably allows this write to be
        // persisted even when the request would otherwise not persist changes - confirm.
        $this->accountRepository->update($account);
        $this->persistenceManager->whitelistObject($account);
    }

Usage Example

 /**
  * A failed login raises the account's failed-attempt counter to 1; a following
  * successful login resets it to 0 and stamps the last successful
  * authentication date.
  *
  * @test
  */
 public function authenticationWithCorrectCredentialsResetsFailedAuthenticationCount()
 {
     // Runs one authentication attempt with the given password and returns the
     // freshly loaded account, so each assertion sees the persisted state.
     $attemptLogin = function ($password) {
         $this->authenticationToken->_set('credentials', ['username' => 'username', 'password' => $password]);
         $this->persistedUsernamePasswordProvider->authenticate($this->authenticationToken);
         return $this->accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName('username', 'myTestProvider');
     };

     $accountAfterFailure = $attemptLogin('wrongPW');
     $this->assertEquals(1, $accountAfterFailure->getFailedAuthenticationCount());

     $accountAfterSuccess = $attemptLogin('password');
     // NOTE(review): compared at one-second resolution against "now", so this
     // can fail if the clock ticks over between the login and this line.
     $expectedTimestamp = (new \DateTime())->format(\DateTime::W3C);
     $recordedTimestamp = $accountAfterSuccess->getLastSuccessfulAuthenticationDate()->format(\DateTime::W3C);
     $this->assertEquals($expectedTimestamp, $recordedTimestamp);
     $this->assertEquals(0, $accountAfterSuccess->getFailedAuthenticationCount());
 }