eliseuamaro/gnu-social
1
0
Fork 0
forked from GNUsocial/gnu-social
Code Issues Pull Requests Releases Wiki Activity

[ENTITY] Refactor LocalUser::changePassword for easier use

Browse Source
This commit is contained in:
Hugo Sales
2021-08-04 20:06:58 +00:00
parent a590ddd85e
commit 05e10589c3
2 changed files with 14 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Entity/GSActor.php
View File

@@ -247,12 +247,12 @@ class GSActor extends Entity
}); });
} }
public function getSelfTags(): array public function getSelfTags(bool $_test_force_recompute = false): array
{ {
return Cache::get('selftags-' . $this->id, return Cache::get('selftags-' . $this->id,
function () { function () {
return DB::findBy('gsactor_tag', ['tagger' => $this->id, 'tagged' => $this->id]); return DB::findBy('gsactor_tag', ['tagger' => $this->id, 'tagged' => $this->id]);
}); }, beta: $_test_force_recompute ? INF : 1.0);
} }
public function setSelfTags(array $tags, array $existing): void public function setSelfTags(array $tags, array $existing): void

18
src/Entity/LocalUser.php
View File

@@ -321,28 +321,34 @@ class LocalUser extends Entity implements UserInterface
} }
} }
public function checkPassword(string $new_password): bool /**
* When authenticating, check a user's password in a timing safe
* way. Will update the password by rehashing if deemed necessary
*/
public function checkPassword(string $password_plain_text): bool
{ {
// Timing safe password verification // Timing safe password verification
if (password_verify($new_password, $this->password)) { if (password_verify($password_plain_text, $this->password)) {
// Update old formats // Update old formats
if (password_needs_rehash($this->password, if (password_needs_rehash($this->password,
self::algoNameToConstant(Common::config('security', 'algorithm')), self::algoNameToConstant(Common::config('security', 'algorithm')),
Common::config('security', 'options')) Common::config('security', 'options'))
) { ) {
$this->changePassword($new_password, true); $this->changePassword(null, $password_plain_text, override: true);
} }
return true; return true;
} }
return false; return false;
} }
public function changePassword(string $new_password, bool $override = false): void public function changePassword(?string $old_password_plain_text, string $new_password_plain_text, bool $override = false): bool
{ {
if ($override || $this->checkPassword($new_password)) { if ($override || $this->checkPassword($old_password_plain_text)) {
$this->setPassword(self::hashPassword($new_password)); $this->setPassword(self::hashPassword($new_password_plain_text));
DB::flush(); DB::flush();
return true;
} }
return false;
} }
public static function hashPassword(string $password) public static function hashPassword(string $password)