summaryrefslogtreecommitdiff
path: root/src/Helpers/Authenticator.php
diff options
context:
space:
mode:
Diffstat (limited to 'src/Helpers/Authenticator.php')
-rw-r--r--src/Helpers/Authenticator.php93
1 files changed, 83 insertions, 10 deletions
diff --git a/src/Helpers/Authenticator.php b/src/Helpers/Authenticator.php
index 61d07980..db33339b 100644
--- a/src/Helpers/Authenticator.php
+++ b/src/Helpers/Authenticator.php
@@ -25,6 +25,9 @@ class Authenticator
/** @var string[] */
protected $permissions;
+ /** @var int */
+ protected $passwordAlgorithm = PASSWORD_DEFAULT;
+
/**
* @param ServerRequestInterface $request
* @param Session $session
@@ -48,7 +51,7 @@ class Authenticator
return $this->user;
}
- $userId = $this->session->get('uid');
+ $userId = $this->session->get('user_id');
if (!$userId) {
return null;
}
@@ -104,17 +107,15 @@ class Authenticator
$abilities = (array)$abilities;
if (empty($this->permissions)) {
- $userId = $this->user ? $this->user->id : $this->session->get('uid');
+ $user = $this->user();
- if ($userId) {
- if ($user = $this->user()) {
- $this->permissions = $this->getPermissionsByUser($user);
+ if ($user) {
+ $this->permissions = $this->getPermissionsByUser($user);
- $user->last_login_at = new Carbon();
- $user->save();
- } else {
- $this->session->remove('uid');
- }
+ $user->last_login_at = new Carbon();
+ $user->save();
+ } elseif ($this->session->get('user_id')) {
+ $this->session->remove('user_id');
}
if (empty($this->permissions)) {
@@ -132,6 +133,78 @@ class Authenticator
}
/**
+ * @param string $login
+ * @param string $password
+ * @return User|null
+ */
+ public function authenticate(string $login, string $password)
+ {
+ /** @var User $user */
+ $user = $this->userRepository->whereName($login)->first();
+ if (!$user) {
+ $user = $this->userRepository->whereEmail($login)->first();
+ }
+
+ if (!$user) {
+ return null;
+ }
+
+ if (!$this->verifyPassword($user, $password)) {
+ return null;
+ }
+
+ return $user;
+ }
+
+ /**
+ * @param User $user
+ * @param string $password
+ * @return bool
+ */
+ public function verifyPassword(User $user, string $password)
+ {
+ $algorithm = $this->passwordAlgorithm;
+
+ if (!password_verify($password, $user->password)) {
+ return false;
+ }
+
+ if (password_needs_rehash($user->password, $algorithm)) {
+ $this->setPassword($user, $password);
+ }
+
+ return true;
+ }
+
+ /**
+ * @param UserRepository $user
+ * @param string $password
+ */
+ public function setPassword(User $user, string $password)
+ {
+ $algorithm = $this->passwordAlgorithm;
+
+ $user->password = password_hash($password, $algorithm);
+ $user->save();
+ }
+
+ /**
+ * @return int
+ */
+ public function getPasswordAlgorithm()
+ {
+ return $this->passwordAlgorithm;
+ }
+
+ /**
+ * @param int $passwordAlgorithm
+ */
+ public function setPasswordAlgorithm(int $passwordAlgorithm)
+ {
+ $this->passwordAlgorithm = $passwordAlgorithm;
+ }
+
+ /**
* @param User $user
* @return array
* @codeCoverageIgnore