|
1
|
|
|
<?php |
|
2
|
|
|
declare(strict_types=1); |
|
3
|
|
|
|
|
4
|
|
|
namespace SlayerBirden\DataFlowServer\Authentication\Service; |
|
5
|
|
|
|
|
6
|
|
|
use Doctrine\Common\Collections\Criteria; |
|
7
|
|
|
use Doctrine\ORM\EntityManager; |
|
8
|
|
|
use Psr\Log\LoggerInterface; |
|
9
|
|
|
use SlayerBirden\DataFlowServer\Authentication\Entities\Password; |
|
10
|
|
|
use SlayerBirden\DataFlowServer\Authentication\Exception\InvalidCredentialsException; |
|
11
|
|
|
use SlayerBirden\DataFlowServer\Authentication\Exception\PasswordExpiredException; |
|
12
|
|
|
use SlayerBirden\DataFlowServer\Authentication\PasswordManagerInterface; |
|
13
|
|
|
use SlayerBirden\DataFlowServer\Domain\Entities\User; |
|
14
|
|
|
|
|
15
|
|
|
class PasswordManager implements PasswordManagerInterface |
|
16
|
|
|
{ |
|
17
|
|
|
/** |
|
18
|
|
|
* @var EntityManager |
|
19
|
|
|
*/ |
|
20
|
|
|
private $entityManager; |
|
21
|
|
|
/** |
|
22
|
|
|
* @var LoggerInterface |
|
23
|
|
|
*/ |
|
24
|
|
|
private $logger; |
|
25
|
|
|
|
|
26
|
17 |
|
public function __construct(EntityManager $entityManager, LoggerInterface $logger) |
|
|
|
|
|
|
27
|
|
|
{ |
|
28
|
17 |
|
$this->entityManager = $entityManager; |
|
29
|
17 |
|
$this->logger = $logger; |
|
30
|
17 |
|
} |
|
31
|
|
|
|
|
32
|
7 |
|
public function isValidForUser(string $password, User $user): bool |
|
33
|
|
|
{ |
|
34
|
7 |
|
$results = $this->entityManager |
|
35
|
7 |
|
->getRepository(Password::class) |
|
36
|
7 |
|
->matching( |
|
37
|
7 |
|
Criteria::create() |
|
38
|
7 |
|
->where(Criteria::expr()->eq('owner', $user)) |
|
39
|
7 |
|
->andWhere(Criteria::expr()->eq('active', true)) |
|
40
|
|
|
); |
|
41
|
7 |
|
if ($results->count()) { |
|
42
|
|
|
/** @var Password $pw */ |
|
43
|
7 |
|
$pw = $results->first(); |
|
44
|
7 |
|
return $this->isValid($password, $pw); |
|
45
|
|
|
} else { |
|
46
|
|
|
throw new InvalidCredentialsException('Invalid login/password combination.'); |
|
47
|
|
|
} |
|
48
|
|
|
} |
|
49
|
|
|
|
|
50
|
|
|
/** |
|
51
|
|
|
* @param Password $password |
|
52
|
|
|
* @return bool |
|
53
|
|
|
*/ |
|
54
|
7 |
|
private function isExpired(Password $password) |
|
55
|
|
|
{ |
|
56
|
7 |
|
return $password->getDue() < new \DateTime(); |
|
57
|
|
|
} |
|
58
|
|
|
|
|
59
|
2 |
|
public function getHash(string $password): string |
|
60
|
|
|
{ |
|
61
|
2 |
|
return password_hash($password, PASSWORD_DEFAULT); |
|
62
|
|
|
} |
|
63
|
|
|
|
|
64
|
|
|
/** |
|
65
|
|
|
* @inheritdoc |
|
66
|
|
|
*/ |
|
67
|
7 |
|
public function isValid(string $password, Password $passwordObject): bool |
|
68
|
|
|
{ |
|
69
|
7 |
|
if ($this->isExpired($passwordObject)) { |
|
70
|
|
|
throw new PasswordExpiredException('Password is expired.'); |
|
71
|
|
|
} |
|
72
|
7 |
|
return password_verify($password, $passwordObject->getHash()); |
|
73
|
|
|
} |
|
74
|
|
|
} |
|
75
|
|
|
|
SlayerBirden /
dataflow-server
The
EntityManagermight become unusable for example if a transaction is rolled back and it gets closed. Let’s assume that somewhere in your application, or in a third-party library, there is code such as the following:If that code throws an exception and the
EntityManageris closed. Any other code which depends on the same instance of theEntityManagerduring this request will fail.On the other hand, if you instead inject the
ManagerRegistry, thegetManager()method guarantees that you will always get a usable manager instance.