mirror of
https://github.com/elyby/accounts.git
synced 2024-12-26 07:09:46 +05:30
Реализовано автоматическое обновление алгоритма хэширования пароля во время авторизации пользователя
This commit is contained in:
parent
3d6d9d484c
commit
fe2c422621
@ -67,7 +67,17 @@ class LoginForm extends ApiForm {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $this->getAccount()->getJWT();
|
||||
if ($this->rememberMe) {
|
||||
// TODO: здесь нужно записать какую-то
|
||||
}
|
||||
|
||||
$account = $this->getAccount();
|
||||
if ($account->password_hash_strategy === Account::PASS_HASH_STRATEGY_OLD_ELY) {
|
||||
$account->setPassword($this->password);
|
||||
$account->save();
|
||||
}
|
||||
|
||||
return $account->getJWT();
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -28,19 +28,4 @@ class AccountsChangeEmailInitializeCest {
|
||||
]);
|
||||
}
|
||||
|
||||
public function testChangeEmailWithOldPasswordStrategy(FunctionalTester $I) {
|
||||
$I->wantTo('see, that account use old account password hash strategy');
|
||||
$I->loggedInAsActiveAccount('AccWithOldPassword', '12345678');
|
||||
|
||||
$this->route->changeEmailInitialize('password_0');
|
||||
$I->canSeeResponseCodeIs(200);
|
||||
$I->canSeeResponseIsJson();
|
||||
$I->canSeeResponseContainsJson([
|
||||
'success' => false,
|
||||
'errors' => [
|
||||
'email' => 'error.old_hash_strategy',
|
||||
],
|
||||
]);
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -4,12 +4,25 @@ namespace tests\codeception\api\models\authentication;
|
||||
use api\models\authentication\LoginForm;
|
||||
use Codeception\Specify;
|
||||
use common\models\Account;
|
||||
use tests\codeception\api\unit\TestCase;
|
||||
use tests\codeception\api\unit\DbTestCase;
|
||||
use tests\codeception\common\fixtures\AccountFixture;
|
||||
use Yii;
|
||||
|
||||
class LoginFormTest extends TestCase {
|
||||
/**
|
||||
* @property AccountFixture $accounts
|
||||
*/
|
||||
class LoginFormTest extends DbTestCase {
|
||||
use Specify;
|
||||
|
||||
public function fixtures() {
|
||||
return [
|
||||
'accounts' => [
|
||||
'class' => AccountFixture::class,
|
||||
'dataFile' => '@tests/codeception/common/fixtures/data/accounts.php',
|
||||
],
|
||||
];
|
||||
}
|
||||
|
||||
public function testValidateLogin() {
|
||||
$this->specify('error.login_not_exist if login not exists', function () {
|
||||
$model = $this->createModel([
|
||||
@ -84,6 +97,18 @@ class LoginFormTest extends TestCase {
|
||||
});
|
||||
}
|
||||
|
||||
public function testLoginWithRehashing() {
|
||||
$this->specify('user, that login using account with old pass hash strategy should update it automatically', function () {
|
||||
$model = new LoginForm([
|
||||
'login' => $this->accounts['user-with-old-password-type']['username'],
|
||||
'password' => '12345678',
|
||||
]);
|
||||
expect($model->login())->notEquals(false);
|
||||
expect($model->errors)->isEmpty();
|
||||
expect($model->getAccount()->password_hash_strategy)->equals(Account::PASS_HASH_STRATEGY_YII2);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $params
|
||||
* @return LoginForm
|
||||
|
Loading…
Reference in New Issue
Block a user