Diffstat (limited to 'src/Wallabag/CoreBundle/Security')
-rw-r--r-- | src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php | 8 | ||||
-rw-r--r-- | src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php | 48 |
2 files changed, 52 insertions, 4 deletions
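--- a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
+++ b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
@@ -41,10 +41,6 @@ class WallabagPasswordEncoder extends BasePasswordEncoder
 */
 public function encodePassword($raw, $salt)
 {
-if (null === $this->username) {
-throw new \LogicException('We can not check the password without a username.');
-}
-
 if ($this->isPasswordTooLong($raw)) {
 throw new BadCredentialsException('Invalid password.');
 }
@@ -71,6 +67,10 @@ class WallabagPasswordEncoder extends BasePasswordEncoder
 */
 protected function mergePasswordAndSalt($password, $salt)
 {
+if (null === $this->username) {
+throw new \LogicException('We can not check the password without a username.');
+}
+
 if (empty($salt)) {
 return $password;
 }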
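Review bot: The `null === $this->username` guard now at the top of `mergePasswordAndSalt()` only shows that a username was set on this encoder at some point, not that it belongs to the user whose password is being merged. If the encoder instance is reused between calls (likely when it comes from the encoder factory, though that is not visible here), a username left over from an earlier call passes the guard and the hash is computed with the wrong value. Clearing `$this->username` after the hash is produced would close that gap. The docblock, which starts above the hunk, should also gain `@throws \LogicException when no username was set before hashing`. The guard also runs before the `empty($salt)` early return, so an empty-salt call now throws even though that path returns `$password` unchanged; please confirm this is intended, since the rest of the method lies outside the hunk.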
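--- /dev/null
+++ b/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php
@@ -0,0 +1,48 @@
+<?php
+
+namespace Wallabag\CoreBundle\Security\Validator;
+
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
+use Symfony\Component\Validator\Constraint;
+use Symfony\Component\Validator\ConstraintValidator;
+use Symfony\Component\Validator\Exception\ConstraintDefinitionException;
+use Symfony\Component\Validator\Exception\UnexpectedTypeException;
+use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
+
+class WallabagUserPasswordValidator extends ConstraintValidator
+{
+private $securityContext;
+private $encoderFactory;
+
+public function __construct(SecurityContextInterface $securityContext, EncoderFactoryInterface $encoderFactory)
+{
+$this->securityContext = $securityContext;
+$this->encoderFactory = $encoderFactory;
+}
+
+/**
+* {@inheritdoc}
+*/
+public function validate($password, Constraint $constraint)
+{
+if (!$constraint instanceof UserPassword) {
+throw new UnexpectedTypeException($constraint, __NAMESPACE__.'\UserPassword');
+}
+
+$user = $this->securityContext->getToken()->getUser();
+
+if (!$user instanceof UserInterface) {
+throw new ConstraintDefinitionException('The User object must implement the UserInterface interface.');
+}
+
+// give username, it's used to hash the password
+$encoder = $this->encoderFactory->getEncoder($user);
+$encoder->setUsername($user->getUsername());
+
+if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) {
+$this->context->addViolation($constraint->message);
+}
+}
+}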
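Review bot: `validate()` chains `$this->securityContext->getToken()->getUser()` without checking the token, and `getToken()` returns null when no authentication token is present, so the validator would die on a null method call instead of raising a constraint error. Read the token first, `$token = $this->securityContext->getToken();`, and throw `ConstraintDefinitionException` when it is null before calling `getUser()`. The `UnexpectedTypeException` argument `__NAMESPACE__.'\UserPassword'` resolves to the Wallabag validator namespace, while the imported constraint is `Symfony\Component\Security\Core\Validator\Constraints\UserPassword`; pass that name so the message reports the type actually expected. `setUsername()` is not part of Symfony's password encoder interface, so the call assumes the factory returns the Wallabag encoder for this user class; an `instanceof` check before it would turn a misconfiguration into a clear exception.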