1 files changed, 48 insertions, 0 deletions
diff --git a/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php b/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php
new file mode 100644
index 00000000..5586f976
--- /dev/null
+++ b/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php
@@ -0,0 +1,48 @@
+<?php
+namespace Wallabag\CoreBundle\Security\Validator;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
+use Symfony\Component\Validator\Constraint;
+use Symfony\Component\Validator\ConstraintValidator;
+use Symfony\Component\Validator\Exception\ConstraintDefinitionException;
+use Symfony\Component\Validator\Exception\UnexpectedTypeException;
+use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
+class WallabagUserPasswordValidator extends ConstraintValidator
+{
+    private $securityContext;
+    private $encoderFactory;
+    public function __construct(SecurityContextInterface $securityContext, EncoderFactoryInterface $encoderFactory)
+    {
+        $this->securityContext = $securityContext;
+        $this->encoderFactory = $encoderFactory;
+    }
+    /**
+     * {@inheritdoc}
+     */
+    public function validate($password, Constraint $constraint)
+    {
+        if (!$constraint instanceof UserPassword) {
+            throw new UnexpectedTypeException($constraint, __NAMESPACE__.'\UserPassword');
+        }
+        $user = $this->securityContext->getToken()->getUser();
+        if (!$user instanceof UserInterface) {
+            throw new ConstraintDefinitionException('The User object must implement the UserInterface interface.');
+        }
+        // give username, it's used to hash the password
+        $encoder = $this->encoderFactory->getEncoder($user);
+        $encoder->setUsername($user->getUsername());
+        if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) {
+            $this->context->addViolation($constraint->message);
+        }
+    }
+}

diff --git a/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php b/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php new file mode 100644 index 00000000..5586f976 --- /dev/null +++ b/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php
@@ -0,0 +1,48 @@
	1	<?php
	2
	3	namespace Wallabag\CoreBundle\Security\Validator;
	4
	5	use Symfony\Component\Security\Core\User\UserInterface;
	6	use Symfony\Component\Security\Core\SecurityContextInterface;
	7	use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
	8	use Symfony\Component\Validator\Constraint;
	9	use Symfony\Component\Validator\ConstraintValidator;
	10	use Symfony\Component\Validator\Exception\ConstraintDefinitionException;
	11	use Symfony\Component\Validator\Exception\UnexpectedTypeException;
	12	use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
	13
	14	class WallabagUserPasswordValidator extends ConstraintValidator
	15	{
	16	private $securityContext;
	17	private $encoderFactory;
	18
	19	public function __construct(SecurityContextInterface $securityContext, EncoderFactoryInterface $encoderFactory)
	20	{
	21	$this->securityContext = $securityContext;
	22	$this->encoderFactory = $encoderFactory;
	23	}
	24
	25	/**
	26	* {@inheritdoc}
	27	*/
	28	public function validate($password, Constraint $constraint)
	29	{
	30	if (!$constraint instanceof UserPassword) {
	31	throw new UnexpectedTypeException($constraint, __NAMESPACE__.'\UserPassword');
	32	}
	33
	34	$user = $this->securityContext->getToken()->getUser();
	35
	36	if (!$user instanceof UserInterface) {
	37	throw new ConstraintDefinitionException('The User object must implement the UserInterface interface.');
	38	}
	39
	40	// give username, it's used to hash the password
	41	$encoder = $this->encoderFactory->getEncoder($user);
	42	$encoder->setUsername($user->getUsername());
	43
	44	if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) {
	45	$this->context->addViolation($constraint->message);
	46	}
	47	}
	48	}