From 910b98505321aee7a3aef30e6ce9e2a3d0904106 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Florian=20Kr=C3=A4mer?= Date: Thu, 1 Oct 2015 21:05:41 +0200 Subject: [PATCH] Improving the code of UserBehavior --- src/Model/Behavior/UserBehavior.php | 69 ++++++++++++++++------------- 1 file changed, 39 insertions(+), 30 deletions(-) diff --git a/src/Model/Behavior/UserBehavior.php b/src/Model/Behavior/UserBehavior.php index 1dff11c..132c3cf 100644 --- a/src/Model/Behavior/UserBehavior.php +++ b/src/Model/Behavior/UserBehavior.php @@ -215,30 +215,30 @@ protected function _emailVerification(EntityInterface &$entity, $options) { * @return Entity */ protected function _beforeRegister(Entity $entity, $options = []) { - extract(Hash::merge($this->_config['register'], $options)); + $options = Hash::merge($this->_config['register'], $options); if ($this->_config['useUuid'] === true) { $primaryKey = $this->_table->primaryKey(); $entity->{$primaryKey} = Text::uuid(); } - if ($userActive === true) { + if ($options['userActive'] === true) { $entity->{$this->_field('active')} = true; } $this->_emailVerification($entity, $options); if (!isset($entity->{$this->_field('role')})) { - $entity->{$this->_field('role')} = $defaultRole; + $entity->{$this->_field('role')} = $options['defaultRole']; } - if ($generatePassword === true) { - $password = $this->generatePassword((int) $generatePassword); + if ($options['generatePassword'] === true) { + $password = $this->generatePassword(); $entity->{$this->_field('password')} = $password; $entity->clear_password = $password; } - if ($hashPassword === true) { + if ($options['hashPassword'] === true) { $entity->{$this->_field('password')} = $this->hashPassword($entity->{$this->_field('password')}); } @@ -254,7 +254,7 @@ protected function _beforeRegister(Entity $entity, $options = []) { */ public function findEmailVerified(Query $query, array $options) { $query->where([ - $this->alias() . '.email_verified' => true, + $this->alias() . '.' . $this->_field('emailVerified') => true, ]); return $query; } @@ -268,7 +268,7 @@ public function findEmailVerified(Query $query, array $options) { */ public function findActive(Query $query, array $options) { $query->where([ - $this->alias() . '.active' => true, + $this->alias() . '.' . $this->_field('active') => true, ]); return $query; } @@ -461,8 +461,20 @@ public function resetPassword(Entity $user) { * @return string */ public function generatePassword($length = 8, $options = []) { + $options = $this->_passwordDictionary($options); + $password = ''; + srand((double) microtime() * 1000000); + for ($i = 0; $i < $length; $i++) { + $password .= + $options['cons'][mt_rand(0, count($options['cons']) - 1)] . + $options['vowels'][mt_rand(0, count($options['vowels']) - 1)]; + } + + return substr($password, 0, $length); + } + public function _passwordDictionary(array $options = []) { $defaults = [ 'vowels' => [ 'a', 'e', 'i', 'o', 'u' @@ -473,25 +485,13 @@ public function generatePassword($length = 8, $options = []) { 'dr', 'ch', 'ph', 'wr', 'st', 'sp', 'sw', 'pr', 'sl', 'cl' ] ]; - if (isset($options['cons'])) { unset($defaults['cons']); } - if (isset($options['vowels'])) { unset($defaults['vowels']); } - - $options = Hash::merge($defaults, $options); - $password = ''; - - for ($i = 0; $i < $length; $i++) { - $password .= - $options['cons'][mt_rand(0, count($options['cons']) - 1)] . - $options['vowels'][mt_rand(0, count($options['vowels']) - 1)]; - } - - return substr($password, 0, $length); + return Hash::merge($defaults, $options); } /** @@ -545,6 +545,18 @@ public function removeExpiredRegistrations($conditions = []) { * @return boolean */ public function changePassword(Entity $entity) { + $this->_changePasswordValidation(); + if ($entity->errors()) { + return false; + } + $entity->password = $this->hashPassword($entity->password); + if ($this->_table->save($entity, ['validate' => false])) { + return true; + } + return false; + } + + protected function _changePasswordValidation() { $validator = $this->_table->validator('default'); $validator->provider('userTable', $this->_table); $validator->add('old_password', 'notBlank', [ @@ -557,14 +569,6 @@ public function changePassword(Entity $entity) { 'message' => __d('user_tools', 'Wrong password, please try again.') ]); $this->_table->validator('default', $validator); - if ($entity->errors()) { - return false; - } - $entity->password = $this->hashPassword($entity->password); - if ($this->_table->save($entity, ['validate' => false])) { - return true; - } - return false; } /** @@ -573,6 +577,7 @@ public function changePassword(Entity $entity) { * @param mixed $value * @param string $field * @param mixed $context + * @return boolean */ public function validateOldPassword($value, $field, $context) { $result = $this->_table->find('all', [ @@ -616,13 +621,17 @@ public function initPasswordReset($value, $options = []) { $this->_table->alias() . '.' . $this->_field('username') ] ]; + $options = Hash::merge($defaults, $this->_config['initPasswordReset'], $options); $result = $this->_getUser($value, $options); + if (empty($result)) { throw new RecordNotFoundException(__d('user_tools', 'User not found.')); } + $result->{$this->_field('passwordToken')} = $this->generateToken($options['tokenLength']); $result->{$this->_field('passwordTokenExpires')} = $this->expirationTime($options['expires']); + $this->_table->save($result, ['checkRules' => false]); return $this->sendPasswordResetToken($result, [ 'to' => $result->{$this->_field('email')} @@ -678,7 +687,7 @@ protected function _getUser($value, $options = []) { } /** - * Sends a new password to an user by email + * Sends a new password to an user by email. * * Note that this is *not* a recommended way to reset an user password. A much * more secure approach is to have the user manually enter a new password and