Handle password change

2015-02-17 21:03:23 +01:00
parent 7781faa0b0
commit d9085c63e3
10 changed files with 268 additions and 34 deletions
--- a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
+++ b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
@ -41,10 +41,6 @@ class WallabagPasswordEncoder extends BasePasswordEncoder
     */
    public function encodePassword($raw, $salt)
    {
-        if (null === $this->username) {
-            throw new \LogicException('We can not check the password without a username.');
-        }
-
        if ($this->isPasswordTooLong($raw)) {
            throw new BadCredentialsException('Invalid password.');
        }
@ -71,6 +67,10 @@ class WallabagPasswordEncoder extends BasePasswordEncoder
     */
    protected function mergePasswordAndSalt($password, $salt)
    {
+        if (null === $this->username) {
+            throw new \LogicException('We can not check the password without a username.');
+        }
+
        if (empty($salt)) {
            return $password;
        }
--- a/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php
+++ b/src/Wallabag/CoreBundle/Security/Validator/WallabagUserPasswordValidator.php
@ -0,0 +1,48 @@
+<?php
+
+namespace Wallabag\CoreBundle\Security\Validator;
+
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
+use Symfony\Component\Validator\Constraint;
+use Symfony\Component\Validator\ConstraintValidator;
+use Symfony\Component\Validator\Exception\ConstraintDefinitionException;
+use Symfony\Component\Validator\Exception\UnexpectedTypeException;
+use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
+
+class WallabagUserPasswordValidator extends ConstraintValidator
+{
+    private $securityContext;
+    private $encoderFactory;
+
+    public function __construct(SecurityContextInterface $securityContext, EncoderFactoryInterface $encoderFactory)
+    {
+        $this->securityContext = $securityContext;
+        $this->encoderFactory = $encoderFactory;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function validate($password, Constraint $constraint)
+    {
+        if (!$constraint instanceof UserPassword) {
+            throw new UnexpectedTypeException($constraint, __NAMESPACE__.'\UserPassword');
+        }
+
+        $user = $this->securityContext->getToken()->getUser();
+
+        if (!$user instanceof UserInterface) {
+            throw new ConstraintDefinitionException('The User object must implement the UserInterface interface.');
+        }
+
+        // give username, it's used to hash the password
+        $encoder = $this->encoderFactory->getEncoder($user);
+        $encoder->setUsername($user->getUsername());
+
+        if (!$encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) {
+            $this->context->addViolation($constraint->message);
+        }
+    }
+}