From b66a61addb6c8e66cb26fcf74b532d68891267e4 Mon Sep 17 00:00:00 2001 From: Marvin Borner Date: Wed, 23 May 2018 22:23:28 +0200 Subject: Refactored code, many fixes and improvements in chat backend+frontend --- .../account/src/Authenticate/AuthGuard.php | 13 +++++----- .../Exception/AccountDisabledException.php | 1 + .../Exception/AccountInvalidException.php | 1 + .../Exception/AccountNotVerifiedException.php | 1 + .../Exception/AuthCompromisedException.php | 1 + .../Exception/AuthExpiredException.php | 1 + .../Exception/InvalidCredentialsException.php | 1 + .../sprinkles/account/src/Authenticate/Hasher.php | 29 ++++++++++------------ 8 files changed, 25 insertions(+), 23 deletions(-) (limited to 'main/app/sprinkles/account/src/Authenticate') diff --git a/main/app/sprinkles/account/src/Authenticate/AuthGuard.php b/main/app/sprinkles/account/src/Authenticate/AuthGuard.php index efcfaae..ce64bd7 100644 --- a/main/app/sprinkles/account/src/Authenticate/AuthGuard.php +++ b/main/app/sprinkles/account/src/Authenticate/AuthGuard.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate; use Psr\Http\Message\ResponseInterface; 
@@ -29,22 +30,20 @@ class AuthGuard * * @param $authenticator Authenticator The current authentication object. */ - public function __construct($authenticator) - { + public function __construct($authenticator) { $this->authenticator = $authenticator; } /** * Invoke the AuthGuard middleware, throwing an exception if there is no authenticated user in the session. * - * @param \Psr\Http\Message\ServerRequestInterface $request PSR7 request - * @param \Psr\Http\Message\ResponseInterface $response PSR7 response - * @param callable $next Next middleware + * @param \Psr\Http\Message\ServerRequestInterface $request PSR7 request + * @param \Psr\Http\Message\ResponseInterface $response PSR7 response + * @param callable $next Next middleware * * @return \Psr\Http\Message\ResponseInterface */ - public function __invoke($request, $response, $next) - { + public function __invoke($request, $response, $next) { if (!$this->authenticator->check()) { throw new AuthExpiredException(); } else { diff --git a/main/app/sprinkles/account/src/Authenticate/Exception/AccountDisabledException.php b/main/app/sprinkles/account/src/Authenticate/Exception/AccountDisabledException.php index e79ceb5..3ad4c59 100644 --- a/main/app/sprinkles/account/src/Authenticate/Exception/AccountDisabledException.php +++ b/main/app/sprinkles/account/src/Authenticate/Exception/AccountDisabledException.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate\Exception; use UserFrosting\Support\Exception\HttpException; diff --git a/main/app/sprinkles/account/src/Authenticate/Exception/AccountInvalidException.php b/main/app/sprinkles/account/src/Authenticate/Exception/AccountInvalidException.php index 607235b..fb06fae 100644 --- a/main/app/sprinkles/account/src/Authenticate/Exception/AccountInvalidException.php 
+++ b/main/app/sprinkles/account/src/Authenticate/Exception/AccountInvalidException.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate\Exception; use UserFrosting\Support\Exception\HttpException; diff --git a/main/app/sprinkles/account/src/Authenticate/Exception/AccountNotVerifiedException.php b/main/app/sprinkles/account/src/Authenticate/Exception/AccountNotVerifiedException.php index 7eb56a6..2a721bb 100644 --- a/main/app/sprinkles/account/src/Authenticate/Exception/AccountNotVerifiedException.php +++ b/main/app/sprinkles/account/src/Authenticate/Exception/AccountNotVerifiedException.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate\Exception; use UserFrosting\Support\Exception\HttpException; diff --git a/main/app/sprinkles/account/src/Authenticate/Exception/AuthCompromisedException.php b/main/app/sprinkles/account/src/Authenticate/Exception/AuthCompromisedException.php index df3efbe..52fd528 100644 --- a/main/app/sprinkles/account/src/Authenticate/Exception/AuthCompromisedException.php +++ b/main/app/sprinkles/account/src/Authenticate/Exception/AuthCompromisedException.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate\Exception; use UserFrosting\Support\Exception\ForbiddenException; diff --git a/main/app/sprinkles/account/src/Authenticate/Exception/AuthExpiredException.php b/main/app/sprinkles/account/src/Authenticate/Exception/AuthExpiredException.php index 5583746..ab7cbdb 100644 
--- a/main/app/sprinkles/account/src/Authenticate/Exception/AuthExpiredException.php +++ b/main/app/sprinkles/account/src/Authenticate/Exception/AuthExpiredException.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate\Exception; use UserFrosting\Support\Exception\HttpException; diff --git a/main/app/sprinkles/account/src/Authenticate/Exception/InvalidCredentialsException.php b/main/app/sprinkles/account/src/Authenticate/Exception/InvalidCredentialsException.php index 18d4a5c..78ea3de 100644 --- a/main/app/sprinkles/account/src/Authenticate/Exception/InvalidCredentialsException.php +++ b/main/app/sprinkles/account/src/Authenticate/Exception/InvalidCredentialsException.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate\Exception; use UserFrosting\Support\Exception\HttpException; diff --git a/main/app/sprinkles/account/src/Authenticate/Hasher.php b/main/app/sprinkles/account/src/Authenticate/Hasher.php index e277eef..5de939f 100644 --- a/main/app/sprinkles/account/src/Authenticate/Hasher.php +++ b/main/app/sprinkles/account/src/Authenticate/Hasher.php @@ -5,6 +5,7 @@ * @link https://github.com/userfrosting/UserFrosting * @license https://github.com/userfrosting/UserFrosting/blob/master/licenses/UserFrosting.md (MIT License) */ + namespace UserFrosting\Sprinkle\Account\Authenticate; /** 
@@ -28,12 +29,11 @@ class Hasher * @param string $password the hashed password. * @return string "sha1"|"legacy"|"modern". */ - public function getHashType($password) - { + public function getHashType($password) { // If the password in the db is 65 characters long, we have an sha1-hashed password. if (strlen($password) == 65) { return 'sha1'; - } elseif (strlen($password) == 82) { + } else if (strlen($password) == 82) { return 'legacy'; } @@ -44,12 +44,11 @@ class Hasher * Hashes a plaintext password using bcrypt. * * @param string $password the plaintext password. - * @param array $options + * @param array $options * @return string the hashed password. * @throws HashFailedException */ - public function hash($password, array $options = []) - { + public function hash($password, array $options = []) { $hash = password_hash($password, PASSWORD_BCRYPT, [ 'cost' => $this->cost($options), ]); @@ -66,21 +65,20 @@ class Hasher * * @param string $password The plaintext password to verify. * @param string $hash The hash to compare against. - * @param array $options + * @param array $options * @return boolean True if the password matches, false otherwise. */ - public function verify($password, $hash, array $options = []) - { + public function verify($password, $hash, array $options = []) { $hashType = $this->getHashType($hash); if ($hashType == 'sha1') { // Legacy UserCake passwords - $salt = substr($hash, 0, 25); // Extract the salt from the hash + $salt = substr($hash, 0, 25); // Extract the salt from the hash $inputHash = $salt . sha1($salt . $password); - return (hash_equals($inputHash, $hash) === true); + return (hash_equals($inputHash, $hash) === TRUE); - } elseif ($hashType == 'legacy') { + } else if ($hashType == 'legacy') { // Homegrown implementation (assuming that current install has been using a cost parameter of 12) // Used for manual implementation of bcrypt. // Note that this legacy hashing put the salt at the _end_ for some reason. 
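Review bot: In getHashType() the rewritten branch `} else if (strlen($password) == 82) {` replaces the single-token `elseif` that the file used before and that PSR-12 prescribes, and the same substitution appears in verify() in the third hunk of this file; I would keep `} elseif (strlen($password) === 82) {`. Because the length of the stored string is the only thing that selects the verification scheme, the magic numbers deserve a comment, for example `// 65 = 25-char salt + 40-char hex SHA-1 digest; 82 = 60-char bcrypt hash with the legacy salt appended`, which matches the `substr($hash, 0, 25)` and `substr($hash, 0, 60)` calls in verify(). The docblock line `@param string $password the hashed password` would also be clearer if it said this is the stored hash read from the database, not user input. The function's final return lies outside the hunk.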
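Review bot: `hash_equals()` already returns a bool, so the `=== TRUE` in `return (hash_equals($inputHash, $hash) === TRUE);` is redundant, and the upper-case constant departs from the lower-case `true` this line had before; `return hash_equals($hash, $inputHash);` is equivalent and puts the stored value in the known-string position. The legacy branch in the next hunk (`hash_equals($inputHash, $correctHash) === TRUE`) has the same issue. Separately, the `sha1` branch still accepts a single round of salted SHA-1, which offers little resistance to offline guessing if the stored hashes are ever disclosed. Nothing visible in this diff upgrades such an account to bcrypt after a successful verify, so it is worth confirming that the caller rehashes with hash() whenever getHashType() does not return 'modern'. verify() begins in this hunk and continues past it.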
@@ -88,7 +86,7 @@ class Hasher $inputHash = crypt($password, '$2y$12$' . $salt); $correctHash = substr($hash, 0, 60); - return (hash_equals($inputHash, $correctHash) === true); + return (hash_equals($inputHash, $correctHash) === TRUE); } // Modern implementation @@ -98,11 +96,10 @@ class Hasher /** * Extract the cost value from the options array. * - * @param array $options + * @param array $options * @return int */ - protected function cost(array $options = []) - { + protected function cost(array $options = []) { return isset($options['rounds']) ? $options['rounds'] : $this->defaultRounds; } } -- cgit v1.2.3