From d9a218e0757c351b58c7d61f6871222c94b70beb Mon Sep 17 00:00:00 2001
From: ErickSkrauch <erickskrauch@yandex.ru>
Date: Sat, 12 Mar 2016 00:55:46 +0300
Subject: [PATCH] =?UTF-8?q?=D0=94=D0=BE=D0=B1=D0=B0=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=BD=D0=BE=20=D0=B7=D0=B0=D0=BF=D0=BE=D0=BC=D0=B8=D0=BD=D0=B0?=
 =?UTF-8?q?=D0=BD=D0=B8=D0=B5=20=D0=BF=D0=BE=D1=81=D0=BB=D0=B5=D0=B4=D0=BD?=
 =?UTF-8?q?=D0=B5=D0=B3=D0=BE=20=D0=B8=D0=B7=D0=BC=D0=B5=D0=BD=D0=B5=D0=BD?=
 =?UTF-8?q?=D0=B8=D1=8F=20=D0=BF=D0=B0=D1=80=D0=BE=D0=BB=D1=8F,=20=D1=83?=
 =?UTF-8?q?=D0=B4=D0=B0=D0=BB=D0=B5=D0=BD=D0=BE=20=D0=BF=D0=BE=D0=BB=D0=B5?=
 =?UTF-8?q?=20auth=5Fkey,=20=D0=BF=D0=BE=D0=BF=D1=80=D0=B0=D0=B2=D0=BB?=
 =?UTF-8?q?=D0=B5=D0=BD=D0=B0=20=D0=B7=D0=B0=D0=B3=D1=80=D1=83=D0=B7=D0=BA?=
 =?UTF-8?q?=D0=B0=20=D1=84=D0=B8=D0=BA=D1=81=D1=82=D1=83=D1=80=20=D0=B4?=
 =?UTF-8?q?=D0=BB=D1=8F=20=D1=84=D1=83=D0=BD=D0=BA=D1=86=D0=B8=D0=BE=D0=BD?=
 =?UTF-8?q?=D0=B0=D0=BB=D1=8C=D0=BD=D1=8B=D1=85=20=D1=82=D0=B5=D1=81=D1=82?=
 =?UTF-8?q?=D0=BE=D0=B2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 api/controllers/AccountsController.php        |  2 ++
 api/models/RegistrationForm.php               |  1 -
 common/models/Account.php                     | 12 +++--------
 .../m160311_211107_password_change_time.php   | 21 +++++++++++++++++++
 .../unit/models/ChangePasswordFormTest.php    |  2 ++
 .../common/_support/FixtureHelper.php         |  5 +++--
 .../common/fixtures/data/accounts.php         |  6 +++---
 7 files changed, 34 insertions(+), 15 deletions(-)
 create mode 100644 console/migrations/m160311_211107_password_change_time.php

diff --git a/api/controllers/AccountsController.php b/api/controllers/AccountsController.php
index 1699e33..0fa8e1f 100644
--- a/api/controllers/AccountsController.php
+++ b/api/controllers/AccountsController.php
@@ -37,10 +37,12 @@ class AccountsController extends Controller {
 
         return [
             'id' => $account->id,
+            'uuid' => $account->uuid,
             'username' => $account->username,
             'email' => $account->email,
             'shouldChangePassword' => $account->password_hash_strategy === Account::PASS_HASH_STRATEGY_OLD_ELY,
             'isActive' => $account->status === Account::STATUS_ACTIVE,
+            'password_changed_at' => $account->password_changed_at,
         ];
     }
 
diff --git a/api/models/RegistrationForm.php b/api/models/RegistrationForm.php
index f30f722..1122ff5 100644
--- a/api/models/RegistrationForm.php
+++ b/api/models/RegistrationForm.php
@@ -68,7 +68,6 @@ class RegistrationForm extends BaseApiForm {
             $account->username = $this->username;
             $account->password = $this->password;
             $account->status = Account::STATUS_REGISTERED;
-            $account->generateAuthKey();
             if (!$account->save()) {
                 throw new ErrorException('Account not created.');
             }
diff --git a/common/models/Account.php b/common/models/Account.php
index b961a50..d815ec0 100644
--- a/common/models/Account.php
+++ b/common/models/Account.php
@@ -19,10 +19,10 @@ use yii\web\IdentityInterface;
  * @property string  $password_hash
  * @property integer $password_hash_strategy
  * @property string  $password_reset_token
- * @property string  $auth_key
  * @property integer $status
  * @property integer $created_at
  * @property integer $updated_at
+ * @property integer $password_changed_at
  *
  * Геттеры-сеттеры:
  * @property string  $password пароль пользователя (только для записи)
@@ -117,7 +117,7 @@ class Account extends ActiveRecord implements IdentityInterface {
      * @inheritdoc
      */
     public function getAuthKey() {
-        return $this->auth_key;
+        throw new NotSupportedException('This method used for cookie auth, except we using JWT tokens');
     }
 
     /**
@@ -161,13 +161,7 @@ class Account extends ActiveRecord implements IdentityInterface {
     public function setPassword($password) {
         $this->password_hash_strategy = self::PASS_HASH_STRATEGY_YII2;
         $this->password_hash = Yii::$app->security->generatePasswordHash($password);
-    }
-
-    /**
-     * Generates "remember me" authentication key
-     */
-    public function generateAuthKey() {
-        $this->auth_key = Yii::$app->security->generateRandomString();
+        $this->password_changed_at = time();
     }
 
     /**
diff --git a/console/migrations/m160311_211107_password_change_time.php b/console/migrations/m160311_211107_password_change_time.php
new file mode 100644
index 0000000..ebdab9f
--- /dev/null
+++ b/console/migrations/m160311_211107_password_change_time.php
@@ -0,0 +1,21 @@
+<?php
+
+use console\db\Migration;
+
+class m160311_211107_password_change_time extends Migration {
+
+    public function safeUp() {
+        $this->addColumn('{{%accounts}}', 'password_changed_at', $this->integer()->notNull());
+        $this->getDb()->createCommand('
+            UPDATE {{%accounts}}
+               SET password_changed_at = created_at
+        ')->execute();
+        $this->dropColumn('{{%accounts}}', 'auth_key');
+    }
+
+    public function safeDown() {
+        $this->dropColumn('{{%accounts}}', 'password_changed_at');
+        $this->addColumn('{{%accounts}}', 'auth_key', $this->string(32)->notNull() . ' AFTER `status`');
+    }
+
+}
diff --git a/tests/codeception/api/unit/models/ChangePasswordFormTest.php b/tests/codeception/api/unit/models/ChangePasswordFormTest.php
index bf777b7..e454843 100644
--- a/tests/codeception/api/unit/models/ChangePasswordFormTest.php
+++ b/tests/codeception/api/unit/models/ChangePasswordFormTest.php
@@ -89,6 +89,7 @@ class ChangePasswordFormTest extends DbTestCase {
             expect('form should return true', $model->changePassword())->true();
             expect('new password should be successfully stored into account', $account->validatePassword('my-new-password'))->true();
             expect('always use new strategy', $account->password_hash_strategy)->equals(Account::PASS_HASH_STRATEGY_YII2);
+            expect('password change time updated', $account->password_changed_at)->greaterOrEquals(time());
         });
 
         /** @var Account $account */
@@ -102,6 +103,7 @@ class ChangePasswordFormTest extends DbTestCase {
             expect('form should return true', $model->changePassword())->true();
             expect('new password should be successfully stored into account', $account->validatePassword('my-new-password'))->true();
             expect('strategy should be changed to modern', $account->password_hash_strategy)->equals(Account::PASS_HASH_STRATEGY_YII2);
+            expect('password change time updated', $account->password_changed_at)->greaterOrEquals(time());
         });
     }
 
diff --git a/tests/codeception/common/_support/FixtureHelper.php b/tests/codeception/common/_support/FixtureHelper.php
index c413a84..b3a336b 100644
--- a/tests/codeception/common/_support/FixtureHelper.php
+++ b/tests/codeception/common/_support/FixtureHelper.php
@@ -2,6 +2,7 @@
 namespace tests\codeception\common\_support;
 
 use Codeception\Module;
+use Codeception\TestCase;
 use tests\codeception\common\fixtures\AccountFixture;
 use tests\codeception\common\fixtures\EmailActivationFixture;
 use tests\codeception\common\fixtures\OauthClientFixture;
@@ -29,11 +30,11 @@ class FixtureHelper extends Module {
         getFixture as protected;
     }
 
-    public function _beforeSuite($settings = []) {
+    public function _before(TestCase $test) {
         $this->loadFixtures();
     }
 
-    public function _afterSuite() {
+    public function _after(TestCase $test) {
         $this->unloadFixtures();
     }
 
diff --git a/tests/codeception/common/fixtures/data/accounts.php b/tests/codeception/common/fixtures/data/accounts.php
index eb70aef..1bc6ec7 100644
--- a/tests/codeception/common/fixtures/data/accounts.php
+++ b/tests/codeception/common/fixtures/data/accounts.php
@@ -8,10 +8,10 @@ return [
         'password_hash' => '$2y$13$CXT0Rkle1EMJ/c1l5bylL.EylfmQ39O5JlHJVFpNn618OUS1HwaIi', # password_0
         'password_hash_strategy' => \common\models\Account::PASS_HASH_STRATEGY_YII2,
         'password_reset_token' => null,
-        'auth_key' => 'iwTNae9t34OmnK6l4vT4IeaTk-YWI2Rv',
         'status' => \common\models\Account::STATUS_ACTIVE,
         'created_at' => 1451775316,
         'updated_at' => 1451775316,
+        'password_changed_at' => 1451775316,
     ],
     'user-with-old-password-type' => [
         'id' => 2,
@@ -21,10 +21,10 @@ return [
         'password_hash' => '133c00c463cbd3e491c28cb653ce4718', # 12345678
         'password_hash_strategy' => \common\models\Account::PASS_HASH_STRATEGY_OLD_ELY,
         'password_reset_token' => null,
-        'auth_key' => 'ltTNae9t34OmnK6l4vT4IeaTk-YWI2Rv',
         'status' => \common\models\Account::STATUS_ACTIVE,
         'created_at' => 1385225069,
         'updated_at' => 1385225069,
+        'password_changed_at' => 1385225069,
     ],
     'not-activated-account' => [
         'id' => 3,
@@ -34,9 +34,9 @@ return [
         'password_hash' => '$2y$13$2rYkap5T6jG8z/mMK8a3Ou6aZxJcmAaTha6FEuujvHEmybSHRzW5e', # password_0
         'password_hash_strategy' => \common\models\Account::PASS_HASH_STRATEGY_YII2,
         'password_reset_token' => null,
-        'auth_key' => '3AGc12Q7U8lU9umIyCWk5iCnpdPvZ8Up',
         'status' => \common\models\Account::STATUS_REGISTERED,
         'created_at' => 1453146616,
         'updated_at' => 1453146616,
+        'password_changed_at' => 1453146616,
     ]
 ];