[ENTITY] Refactor LocalUser::changePassword for easier use

Hugo Sales 2021-08-04 20:06:58 +00:00
parent 19318b3163
commit 27f2fbdade
Signed by: someonewithpc
GPG Key ID: 7D0C7EAFC9D835A0
2 changed files with 14 additions and 8 deletions


@ -247,12 +247,12 @@ class GSActor extends Entity
}); });
} }
public function getSelfTags(): array public function getSelfTags(bool $_test_force_recompute = false): array
{ {
return Cache::get('selftags-' . $this->id, return Cache::get('selftags-' . $this->id,
function () { function () {
return DB::findBy('gsactor_tag', ['tagger' => $this->id, 'tagged' => $this->id]); return DB::findBy('gsactor_tag', ['tagger' => $this->id, 'tagged' => $this->id]);
}); }, beta: $_test_force_recompute ? INF : 1.0);
} }
public function setSelfTags(array $tags, array $existing): void public function setSelfTags(array $tags, array $existing): void
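Review bot: The new `$_test_force_recompute` parameter on `getSelfTags()` is a test-only switch on a public method, and nothing in the signature or a docblock tells callers to leave it `false`. Judging by the name, `beta: INF` makes `Cache::get` re-run the callback on every call, but `Cache::get` is not shown here, so that should be confirmed. If it does, any production caller passing `true` would bypass the cache and hit `DB::findBy` each time. I would add a docblock above the method with a line such as `@param bool $_test_force_recompute Test hook only: forces the cache callback to run; leave false outside tests`.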


@ -321,28 +321,34 @@ class LocalUser extends Entity implements UserInterface
} }
} }
public function checkPassword(string $new_password): bool /**
* When authenticating, check a user's password in a timing safe
* way. Will update the password by rehashing if deemed necessary
*/
public function checkPassword(string $password_plain_text): bool
{ {
// Timing safe password verification // Timing safe password verification
if (password_verify($new_password, $this->password)) { if (password_verify($password_plain_text, $this->password)) {
// Update old formats // Update old formats
if (password_needs_rehash($this->password, if (password_needs_rehash($this->password,
self::algoNameToConstant(Common::config('security', 'algorithm')), self::algoNameToConstant(Common::config('security', 'algorithm')),
Common::config('security', 'options')) Common::config('security', 'options'))
) { ) {
$this->changePassword($new_password, true); $this->changePassword(null, $password_plain_text, override: true);
} }
return true; return true;
} }
return false; return false;
} }
public function changePassword(string $new_password, bool $override = false): void public function changePassword(?string $old_password_plain_text, string $new_password_plain_text, bool $override = false): bool
{ {
if ($override || $this->checkPassword($new_password)) { if ($override || $this->checkPassword($old_password_plain_text)) {
$this->setPassword(self::hashPassword($new_password)); $this->setPassword(self::hashPassword($new_password_plain_text));
DB::flush(); DB::flush();
return true;
} }
return false;
} }
public static function hashPassword(string $password) public static function hashPassword(string $password)
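Review bot: `changePassword()` now accepts `?string $old_password_plain_text`, but when `$override` is false the value goes straight into `checkPassword(string $password_plain_text)`, so a `null` old password raises a `TypeError` instead of producing the `false` the new `bool` return type promises. The guard should reject `null` before verifying: `if ($override || ($old_password_plain_text !== null && $this->checkPassword($old_password_plain_text))) {`. Separately, `$override` is a public parameter that skips verification of the current password entirely. Since the only caller visible here is the rehash path in `checkPassword()`, consider moving the unchecked write into a private helper, so that callers outside the class cannot set a password without proving the old one. The new method also has no docblock; it should state that `null` is only valid together with `override: true` and that `false` means the old password did not verify.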