enwikipedia-acc / waca

includes/Security/CredentialProviders/PasswordCredentialProvider.php

Indentation +109 added lines, -109 removed lines

@@ -19,123 +19,123 @@
 
 class PasswordCredentialProvider extends CredentialProviderBase
 {
-    const PASSWORD_COST = 10;
-    const PASSWORD_ALGO = PASSWORD_BCRYPT;
-
-    public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
-    {
-        parent::__construct($database, $configuration, 'password');
-    }
-
-    public function authenticate(User $user, $data)
-    {
-        $storedData = $this->getCredentialData($user->getId());
-        if($storedData === null)
-        {
-            // No available credential matching these parameters
-            return false;
-        }
-
-        if($storedData->getVersion() !== 2) {
-            // Non-2 versions are not supported.
-            return false;
-        }
-
-        if (!password_verify($data, $storedData->getData())) {
-            return false;
-        }
-
-        if (password_needs_rehash($storedData->getData(), self::PASSWORD_ALGO,
-            array('cost' => self::PASSWORD_COST))) {
-            try {
-                $this->reallySetCredential($user, $storedData->getFactor(), $data);
-            }
-            catch (OptimisticLockFailedException $e) {
-                // optimistic lock failed, but no biggie. We'll catch it on the next login.
-            }
-        }
-
-        $strengthTester = new Zxcvbn();
-        $strength = $strengthTester->passwordStrength($data, [$user->getUsername(), $user->getOnWikiName(), $user->getEmail()]);
-
-        /*  0 means the password is extremely guessable (within 10^3 guesses), dictionary words like 'password' or 'mother' score a 0
+	const PASSWORD_COST = 10;
+	const PASSWORD_ALGO = PASSWORD_BCRYPT;
+
+	public function __construct(PdoDatabase $database, SiteConfiguration $configuration)
+	{
+		parent::__construct($database, $configuration, 'password');
+	}
+
+	public function authenticate(User $user, $data)
+	{
+		$storedData = $this->getCredentialData($user->getId());
+		if($storedData === null)
+		{
+			// No available credential matching these parameters
+			return false;
+		}
+
+		if($storedData->getVersion() !== 2) {
+			// Non-2 versions are not supported.
+			return false;
+		}
+
+		if (!password_verify($data, $storedData->getData())) {
+			return false;
+		}
+
+		if (password_needs_rehash($storedData->getData(), self::PASSWORD_ALGO,
+			array('cost' => self::PASSWORD_COST))) {
+			try {
+				$this->reallySetCredential($user, $storedData->getFactor(), $data);
+			}
+			catch (OptimisticLockFailedException $e) {
+				// optimistic lock failed, but no biggie. We'll catch it on the next login.
+			}
+		}
+
+		$strengthTester = new Zxcvbn();
+		$strength = $strengthTester->passwordStrength($data, [$user->getUsername(), $user->getOnWikiName(), $user->getEmail()]);
+
+		/*  0 means the password is extremely guessable (within 10^3 guesses), dictionary words like 'password' or 'mother' score a 0
             1 is still very guessable (guesses < 10^6), an extra character on a dictionary word can score a 1
             2 is somewhat guessable (guesses < 10^8), provides some protection from unthrottled online attacks
             3 is safely unguessable (guesses < 10^10), offers moderate protection from offline slow-hash scenario
             4 is very unguessable (guesses >= 10^10) and provides strong protection from offline slow-hash scenario         */
 
-        if ($strength['score'] <= 1 || PasswordBlacklist::isBlacklisted($data) || mb_strlen($data) < 8) {
-            // prevent login for extremely weak passwords
-            // at this point the user has authenticated via password, so they *know* it's weak.
-            SessionAlert::error('Your password is too weak to permit login. Please choose the "forgotten your password" option below and set a new one.', null);
-            return false;
-        }
-
-        return true;
-    }
-
-    /**
-     * @param User   $user
-     * @param int    $factor
-     * @param string $password
-     *
-     * @throws OptimisticLockFailedException
-     */
-    private function reallySetCredential(User $user, int $factor, string $password) : void {
-        $storedData = $this->getCredentialData($user->getId());
-
-        if ($storedData === null) {
-            $storedData = $this->createNewCredential($user);
-        }
-
-        $storedData->setData(password_hash($password, self::PASSWORD_ALGO, array('cost' => self::PASSWORD_COST)));
-        $storedData->setFactor($factor);
-        $storedData->setVersion(2);
-
-        $storedData->save();
-    }
-
-    /**
-     * @param User   $user
-     * @param int    $factor
-     * @param string $password
-     *
-     * @throws ApplicationLogicException
-     * @throws OptimisticLockFailedException
-     */
-    public function setCredential(User $user, $factor, $password)
-    {
-        if (PasswordBlacklist::isBlacklisted($password)) {
-            throw new ApplicationLogicException("Your new password is listed in the top 100,000 passwords. Please choose a stronger one.", null);
-        }
-
-        $strengthTester = new Zxcvbn();
-        $strength = $strengthTester->passwordStrength($password, [$user->getUsername(), $user->getOnWikiName(), $user->getEmail()]);
-
-        /*  0 means the password is extremely guessable (within 10^3 guesses), dictionary words like 'password' or 'mother' score a 0
+		if ($strength['score'] <= 1 || PasswordBlacklist::isBlacklisted($data) || mb_strlen($data) < 8) {
+			// prevent login for extremely weak passwords
+			// at this point the user has authenticated via password, so they *know* it's weak.
+			SessionAlert::error('Your password is too weak to permit login. Please choose the "forgotten your password" option below and set a new one.', null);
+			return false;
+		}
+
+		return true;
+	}
+
+	/**
+	 * @param User   $user
+	 * @param int    $factor
+	 * @param string $password
+	 *
+	 * @throws OptimisticLockFailedException
+	 */
+	private function reallySetCredential(User $user, int $factor, string $password) : void {
+		$storedData = $this->getCredentialData($user->getId());
+
+		if ($storedData === null) {
+			$storedData = $this->createNewCredential($user);
+		}
+
+		$storedData->setData(password_hash($password, self::PASSWORD_ALGO, array('cost' => self::PASSWORD_COST)));
+		$storedData->setFactor($factor);
+		$storedData->setVersion(2);
+
+		$storedData->save();
+	}
+
+	/**
+	 * @param User   $user
+	 * @param int    $factor
+	 * @param string $password
+	 *
+	 * @throws ApplicationLogicException
+	 * @throws OptimisticLockFailedException
+	 */
+	public function setCredential(User $user, $factor, $password)
+	{
+		if (PasswordBlacklist::isBlacklisted($password)) {
+			throw new ApplicationLogicException("Your new password is listed in the top 100,000 passwords. Please choose a stronger one.", null);
+		}
+
+		$strengthTester = new Zxcvbn();
+		$strength = $strengthTester->passwordStrength($password, [$user->getUsername(), $user->getOnWikiName(), $user->getEmail()]);
+
+		/*  0 means the password is extremely guessable (within 10^3 guesses), dictionary words like 'password' or 'mother' score a 0
             1 is still very guessable (guesses < 10^6), an extra character on a dictionary word can score a 1
             2 is somewhat guessable (guesses < 10^8), provides some protection from unthrottled online attacks
             3 is safely unguessable (guesses < 10^10), offers moderate protection from offline slow-hash scenario
             4 is very unguessable (guesses >= 10^10) and provides strong protection from offline slow-hash scenario         */
 
-        if ($strength['score'] <= 2 || mb_strlen($password) < 8) {
-            throw new ApplicationLogicException("Your new password is too weak. Please choose a stronger one.", null);
-        }
-
-        if ($strength['score'] <= 3) {
-            SessionAlert::warning("Your new password is not as strong as it could be. Consider replacing it with a stronger password.", null);
-        }
-
-        $this->reallySetCredential($user, $factor, $password);
-    }
-
-    /**
-     * @param User $user
-     *
-     * @throws ApplicationLogicException
-     */
-    public function deleteCredential(User $user)
-    {
-        throw new ApplicationLogicException('Deletion of password credential is not allowed.');
-    }
+		if ($strength['score'] <= 2 || mb_strlen($password) < 8) {
+			throw new ApplicationLogicException("Your new password is too weak. Please choose a stronger one.", null);
+		}
+
+		if ($strength['score'] <= 3) {
+			SessionAlert::warning("Your new password is not as strong as it could be. Consider replacing it with a stronger password.", null);
+		}
+
+		$this->reallySetCredential($user, $factor, $password);
+	}
+
+	/**
+	 * @param User $user
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	public function deleteCredential(User $user)
+	{
+		throw new ApplicationLogicException('Deletion of password credential is not allowed.');
+	}
 }

Spacing +2 added lines, -2 removed lines

@@ -30,13 +30,13 @@
     public function authenticate(User $user, $data)
     {
         $storedData = $this->getCredentialData($user->getId());
-        if($storedData === null)
+        if ($storedData === null)
         {
             // No available credential matching these parameters
             return false;
         }
 
-        if($storedData->getVersion() !== 2) {
+        if ($storedData->getVersion() !== 2) {
             // Non-2 versions are not supported.
             return false;
         }

Braces +1 added lines, -2 removed lines

@@ -30,8 +30,7 @@
     public function authenticate(User $user, $data)
     {
         $storedData = $this->getCredentialData($user->getId());
-        if($storedData === null)
-        {
+        if($storedData === null) {
             // No available credential matching these parameters
             return false;
         }

includes/Pages/UserAuth/PageChangePassword.php

Indentation +57 added lines, -57 removed lines

@@ -17,71 +17,71 @@
 
 class PageChangePassword extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @return void
-     */
-    protected function main()
-    {
-        $this->setHtmlTitle('Change Password');
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @return void
+	 */
+	protected function main()
+	{
+		$this->setHtmlTitle('Change Password');
 
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            try {
-                $oldPassword = WebRequest::postString('oldpassword');
-                $newPassword = WebRequest::postString('newpassword');
-                $newPasswordConfirmation = WebRequest::postString('newpasswordconfirm');
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			try {
+				$oldPassword = WebRequest::postString('oldpassword');
+				$newPassword = WebRequest::postString('newpassword');
+				$newPasswordConfirmation = WebRequest::postString('newpasswordconfirm');
 
-                $user = User::getCurrent($this->getDatabase());
-                if (!$user instanceof User) {
-                    throw new ApplicationLogicException('User not found');
-                }
+				$user = User::getCurrent($this->getDatabase());
+				if (!$user instanceof User) {
+					throw new ApplicationLogicException('User not found');
+				}
 
-                $this->validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, $user);
+				$this->validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, $user);
 
-                $passwordProvider = new PasswordCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
-                $passwordProvider->setCredential($user, 1, $newPassword);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect('changePassword');
+				$passwordProvider = new PasswordCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
+				$passwordProvider->setCredential($user, 1, $newPassword);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect('changePassword');
 
-                return;
-            }
+				return;
+			}
 
-            SessionAlert::success('Password changed successfully!');
+			SessionAlert::success('Password changed successfully!');
 
-            $this->redirect('preferences');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('preferences/changePassword.tpl');
-            $this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
-        }
-    }
+			$this->redirect('preferences');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('preferences/changePassword.tpl');
+			$this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
+		}
+	}
 
-    /**
-     * @param string $oldPassword
-     * @param string $newPassword
-     * @param string $newPasswordConfirmation
-     * @param User   $user
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, User $user)
-    {
-        if ($oldPassword === null || $newPassword === null || $newPasswordConfirmation === null) {
-            throw new ApplicationLogicException('All three fields must be completed to change your password');
-        }
+	/**
+	 * @param string $oldPassword
+	 * @param string $newPassword
+	 * @param string $newPasswordConfirmation
+	 * @param User   $user
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateNewPassword($oldPassword, $newPassword, $newPasswordConfirmation, User $user)
+	{
+		if ($oldPassword === null || $newPassword === null || $newPasswordConfirmation === null) {
+			throw new ApplicationLogicException('All three fields must be completed to change your password');
+		}
 
-        if ($newPassword !== $newPasswordConfirmation) {
-            throw new ApplicationLogicException('Your new passwords did not match!');
-        }
+		if ($newPassword !== $newPasswordConfirmation) {
+			throw new ApplicationLogicException('Your new passwords did not match!');
+		}
 
-        // TODO: adapt for MFA support
-        $passwordProvider = new PasswordCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
-        if (!$passwordProvider->authenticate($user, $oldPassword)) {
-            throw new ApplicationLogicException('The password you entered was incorrect.');
-        }
-    }
+		// TODO: adapt for MFA support
+		$passwordProvider = new PasswordCredentialProvider($this->getDatabase(), $this->getSiteConfiguration());
+		if (!$passwordProvider->authenticate($user, $oldPassword)) {
+			throw new ApplicationLogicException('The password you entered was incorrect.');
+		}
+	}
 }

includes/Pages/UserAuth/PageForgotPassword.php

Indentation +205 added lines, -205 removed lines

@@ -22,209 +22,209 @@
 
 class PageForgotPassword extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     *
-     * This is the forgotten password reset form
-     * @category Security-Critical
-     */
-    protected function main()
-    {
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            $username = WebRequest::postString('username');
-            $email = WebRequest::postEmail('email');
-            $database = $this->getDatabase();
-
-            if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
-                throw new ApplicationLogicException("Both username and email address must be specified!");
-            }
-
-            $user = User::getByUsername($username, $database);
-            $this->sendResetMail($user, $email);
-
-            SessionAlert::success('<strong>Your password reset request has been completed.</strong> If the details you have provided match our records, you should receive an email shortly.');
-
-            $this->redirect('login');
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->setTemplate('forgot-password/forgotpw.tpl');
-        }
-    }
-
-    /**
-     * Sends a reset email if the user is authenticated
-     *
-     * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
-     *                            check anyway within this method and silently skip if we don't have a user.
-     * @param string       $email The provided email address
-     */
-    private function sendResetMail($user, $email)
-    {
-        // If the user isn't found, or the email address is wrong, skip sending the details silently.
-        if (!$user instanceof User) {
-            return;
-        }
-
-        if (strtolower($user->getEmail()) === strtolower($email)) {
-            $clientIp = $this->getXffTrustProvider()
-                ->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
-
-            $this->cleanExistingTokens($user);
-
-            $hash = Base32::encodeUpper(openssl_random_pseudo_bytes(30));
-
-            $encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
-
-            $cred = new Credential();
-            $cred->setDatabase($this->getDatabase());
-            $cred->setFactor(-1);
-            $cred->setUserId($user->getId());
-            $cred->setType('reset');
-            $cred->setData($encryptionHelper->encryptData($hash));
-            $cred->setVersion(0);
-            $cred->setDisabled(0);
-            $cred->setTimeout(new DateTimeImmutable('+ 1 hour'));
-            $cred->setPriority(9);
-            $cred->save();
-
-            $this->assign("user", $user);
-            $this->assign("hash", $hash);
-            $this->assign("remoteAddress", $clientIp);
-
-            $emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
-
-            $this->getEmailHelper()->sendMail($user->getEmail(), "WP:ACC password reset", $emailContent);
-        }
-    }
-
-    /**
-     * Entry point for the reset action
-     *
-     * This is the reset password part of the form.
-     * @category Security-Critical
-     */
-    protected function reset()
-    {
-        $si = WebRequest::getString('si');
-        $id = WebRequest::getString('id');
-
-        if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
-            throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
-        }
-
-        $database = $this->getDatabase();
-        $user = $this->getResettingUser($id, $database, $si);
-
-        // Dual mode
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-            try {
-                $this->doReset($user);
-                $this->cleanExistingTokens($user);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-                $this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
-
-                return;
-            }
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign('user', $user);
-            $this->setTemplate('forgot-password/forgotpwreset.tpl');
-            $this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
-        }
-    }
-
-    /**
-     * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
-     *
-     * @param integer     $id       The ID of the user to retrieve
-     * @param PdoDatabase $database The database object to use
-     * @param string      $si       The reset hash provided
-     *
-     * @return User
-     * @throws ApplicationLogicException
-     */
-    private function getResettingUser($id, $database, $si)
-    {
-        $user = User::getById($id, $database);
-
-        if ($user === false ||  $user->isCommunityUser()) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        $statement = $database->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
-        $statement->execute([':user' => $user->getId()]);
-
-        /** @var Credential $credential */
-        $credential = $statement->fetchObject(Credential::class);
-
-        $statement->closeCursor();
-
-        if ($credential === false) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        $credential->setDatabase($database);
-
-        $encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
-        if ($encryptionHelper->decryptData($credential->getData()) != $si) {
-            throw new ApplicationLogicException("Password reset failed. Please try again.");
-        }
-
-        if ($credential->getTimeout() < new DateTimeImmutable()) {
-            $credential->delete();
-            throw new ApplicationLogicException("Password reset token expired. Please try again.");
-        }
-
-        return $user;
-    }
-
-    /**
-     * Performs the setting of the new password
-     *
-     * @param User $user The user to set the password for
-     *
-     * @throws ApplicationLogicException
-     */
-    private function doReset(User $user)
-    {
-        $pw = WebRequest::postString('pw');
-        $pw2 = WebRequest::postString('pw2');
-
-        if ($pw !== $pw2) {
-            throw new ApplicationLogicException('Passwords do not match!');
-        }
-
-        $passwordCredentialProvider = new PasswordCredentialProvider($user->getDatabase(), $this->getSiteConfiguration());
-        $passwordCredentialProvider->setCredential($user, 1, $pw);
-
-        SessionAlert::success('You may now log in!');
-        $this->redirect('login');
-    }
-
-    protected function isProtectedPage()
-    {
-        return false;
-    }
-
-    /**
-     * @param $user
-     */
-    private function cleanExistingTokens($user): void
-    {
-        // clean out existing reset tokens
-        $statement = $this->getDatabase()->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
-        $statement->execute([':user' => $user->getId()]);
-        $existing = $statement->fetchAll(PdoDatabase::FETCH_CLASS, Credential::class);
-
-        foreach ($existing as $c) {
-            $c->setDatabase($this->getDatabase());
-            $c->delete();
-        }
-    }
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 *
+	 * This is the forgotten password reset form
+	 * @category Security-Critical
+	 */
+	protected function main()
+	{
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			$username = WebRequest::postString('username');
+			$email = WebRequest::postEmail('email');
+			$database = $this->getDatabase();
+
+			if ($username === null || trim($username) === "" || $email === null || trim($email) === "") {
+				throw new ApplicationLogicException("Both username and email address must be specified!");
+			}
+
+			$user = User::getByUsername($username, $database);
+			$this->sendResetMail($user, $email);
+
+			SessionAlert::success('<strong>Your password reset request has been completed.</strong> If the details you have provided match our records, you should receive an email shortly.');
+
+			$this->redirect('login');
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->setTemplate('forgot-password/forgotpw.tpl');
+		}
+	}
+
+	/**
+	 * Sends a reset email if the user is authenticated
+	 *
+	 * @param User|boolean $user  The user located from the database, or false. Doesn't really matter, since we do the
+	 *                            check anyway within this method and silently skip if we don't have a user.
+	 * @param string       $email The provided email address
+	 */
+	private function sendResetMail($user, $email)
+	{
+		// If the user isn't found, or the email address is wrong, skip sending the details silently.
+		if (!$user instanceof User) {
+			return;
+		}
+
+		if (strtolower($user->getEmail()) === strtolower($email)) {
+			$clientIp = $this->getXffTrustProvider()
+				->getTrustedClientIp(WebRequest::remoteAddress(), WebRequest::forwardedAddress());
+
+			$this->cleanExistingTokens($user);
+
+			$hash = Base32::encodeUpper(openssl_random_pseudo_bytes(30));
+
+			$encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
+
+			$cred = new Credential();
+			$cred->setDatabase($this->getDatabase());
+			$cred->setFactor(-1);
+			$cred->setUserId($user->getId());
+			$cred->setType('reset');
+			$cred->setData($encryptionHelper->encryptData($hash));
+			$cred->setVersion(0);
+			$cred->setDisabled(0);
+			$cred->setTimeout(new DateTimeImmutable('+ 1 hour'));
+			$cred->setPriority(9);
+			$cred->save();
+
+			$this->assign("user", $user);
+			$this->assign("hash", $hash);
+			$this->assign("remoteAddress", $clientIp);
+
+			$emailContent = $this->fetchTemplate('forgot-password/reset-mail.tpl');
+
+			$this->getEmailHelper()->sendMail($user->getEmail(), "WP:ACC password reset", $emailContent);
+		}
+	}
+
+	/**
+	 * Entry point for the reset action
+	 *
+	 * This is the reset password part of the form.
+	 * @category Security-Critical
+	 */
+	protected function reset()
+	{
+		$si = WebRequest::getString('si');
+		$id = WebRequest::getString('id');
+
+		if ($si === null || trim($si) === "" || $id === null || trim($id) === "") {
+			throw new ApplicationLogicException("Link not valid, please ensure it has copied correctly");
+		}
+
+		$database = $this->getDatabase();
+		$user = $this->getResettingUser($id, $database, $si);
+
+		// Dual mode
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+			try {
+				$this->doReset($user);
+				$this->cleanExistingTokens($user);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+				$this->redirect('forgotPassword', 'reset', array('si' => $si, 'id' => $id));
+
+				return;
+			}
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign('user', $user);
+			$this->setTemplate('forgot-password/forgotpwreset.tpl');
+			$this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
+		}
+	}
+
+	/**
+	 * Gets the user resetting their password from the database, or throwing an exception if that is not possible.
+	 *
+	 * @param integer     $id       The ID of the user to retrieve
+	 * @param PdoDatabase $database The database object to use
+	 * @param string      $si       The reset hash provided
+	 *
+	 * @return User
+	 * @throws ApplicationLogicException
+	 */
+	private function getResettingUser($id, $database, $si)
+	{
+		$user = User::getById($id, $database);
+
+		if ($user === false ||  $user->isCommunityUser()) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		$statement = $database->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
+		$statement->execute([':user' => $user->getId()]);
+
+		/** @var Credential $credential */
+		$credential = $statement->fetchObject(Credential::class);
+
+		$statement->closeCursor();
+
+		if ($credential === false) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		$credential->setDatabase($database);
+
+		$encryptionHelper = new EncryptionHelper($this->getSiteConfiguration());
+		if ($encryptionHelper->decryptData($credential->getData()) != $si) {
+			throw new ApplicationLogicException("Password reset failed. Please try again.");
+		}
+
+		if ($credential->getTimeout() < new DateTimeImmutable()) {
+			$credential->delete();
+			throw new ApplicationLogicException("Password reset token expired. Please try again.");
+		}
+
+		return $user;
+	}
+
+	/**
+	 * Performs the setting of the new password
+	 *
+	 * @param User $user The user to set the password for
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	private function doReset(User $user)
+	{
+		$pw = WebRequest::postString('pw');
+		$pw2 = WebRequest::postString('pw2');
+
+		if ($pw !== $pw2) {
+			throw new ApplicationLogicException('Passwords do not match!');
+		}
+
+		$passwordCredentialProvider = new PasswordCredentialProvider($user->getDatabase(), $this->getSiteConfiguration());
+		$passwordCredentialProvider->setCredential($user, 1, $pw);
+
+		SessionAlert::success('You may now log in!');
+		$this->redirect('login');
+	}
+
+	protected function isProtectedPage()
+	{
+		return false;
+	}
+
+	/**
+	 * @param $user
+	 */
+	private function cleanExistingTokens($user): void
+	{
+		// clean out existing reset tokens
+		$statement = $this->getDatabase()->prepare("SELECT * FROM credential WHERE type = 'reset' AND user = :user;");
+		$statement->execute([':user' => $user->getId()]);
+		$existing = $statement->fetchAll(PdoDatabase::FETCH_CLASS, Credential::class);
+
+		foreach ($existing as $c) {
+			$c->setDatabase($this->getDatabase());
+			$c->delete();
+		}
+	}
 }

includes/Pages/Registration/PageRegisterBase.php

Indentation +219 added lines, -219 removed lines

@@ -22,222 +22,222 @@
 
 abstract class PageRegisterBase extends InternalPageBase
 {
-    /**
-     * Main function for this page, when no specific actions are called.
-     * @throws AccessDeniedException
-     * @throws ApplicationLogicException
-     * @throws Exception
-     */
-    protected function main()
-    {
-        $useOAuthSignup = $this->getSiteConfiguration()->getUseOAuthSignup();
-        if (! $this->getSiteConfiguration()->isRegistrationAllowed()) {
-           throw new AccessDeniedException();
-        }
-
-        // Dual-mode page
-        if (WebRequest::wasPosted()) {
-            $this->validateCSRFToken();
-
-            try {
-                $this->handlePost($useOAuthSignup);
-            }
-            catch (ApplicationLogicException $ex) {
-                SessionAlert::error($ex->getMessage());
-
-                $this->getDatabase()->rollBack();
-
-                $this->assignCSRFToken();
-                $this->assign("useOAuthSignup", $useOAuthSignup);
-                $this->applyErrorValues();
-                $this->setTemplate($this->getRegistrationTemplate());
-                $this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
-            }
-        }
-        else {
-            $this->assignCSRFToken();
-            $this->assign("useOAuthSignup", $useOAuthSignup);
-            $this->setTemplate($this->getRegistrationTemplate());
-            $this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
-        }
-    }
-
-    protected abstract function getRegistrationTemplate();
-
-    protected function isProtectedPage()
-    {
-        return false;
-    }
-
-    /**
-     * @param string $emailAddress
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateUniqueEmail($emailAddress)
-    {
-        $query = 'SELECT COUNT(id) FROM user WHERE email = :email';
-        $statement = $this->getDatabase()->prepare($query);
-        $statement->execute(array(':email' => $emailAddress));
-
-        if ($statement->fetchColumn() > 0) {
-            throw new ApplicationLogicException('That email address is already in use on this system.');
-        }
-
-        $statement->closeCursor();
-    }
-
-    /**
-     * @param $emailAddress
-     * @param $password
-     * @param $username
-     * @param $useOAuthSignup
-     * @param $confirmationId
-     * @param $onwikiUsername
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateRequest(
-        $emailAddress,
-        $password,
-        $username,
-        $useOAuthSignup,
-        $confirmationId,
-        $onwikiUsername
-    ) {
-        if (!WebRequest::postBoolean('guidelines')) {
-            throw new ApplicationLogicException('You must read the interface guidelines before your request may be submitted.');
-        }
-
-        $this->validateGeneralInformation($emailAddress, $password, $username);
-        $this->validateUniqueEmail($emailAddress);
-        $this->validateNonOAuthFields($useOAuthSignup, $confirmationId, $onwikiUsername);
-    }
-
-    /**
-     * @param $useOAuthSignup
-     * @param $confirmationId
-     * @param $onwikiUsername
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateNonOAuthFields($useOAuthSignup, $confirmationId, $onwikiUsername)
-    {
-        if (!$useOAuthSignup) {
-            if ($confirmationId === null || $confirmationId <= 0) {
-                throw new ApplicationLogicException('Please enter the revision id of your confirmation edit.');
-            }
-
-            if ($onwikiUsername === null) {
-                throw new ApplicationLogicException('Please specify your on-wiki username.');
-            }
-        }
-    }
-
-    /**
-     * @param $emailAddress
-     * @param $password
-     * @param $username
-     *
-     * @throws ApplicationLogicException
-     */
-    protected function validateGeneralInformation($emailAddress, $password, $username)
-    {
-        if ($emailAddress === null) {
-            throw new ApplicationLogicException('Your email address appears to be invalid!');
-        }
-
-        if ($password !== WebRequest::postString('pass2')) {
-            throw new ApplicationLogicException('Your passwords did not match, please try again.');
-        }
-
-        if (User::getByUsername($username, $this->getDatabase()) !== false) {
-            throw new ApplicationLogicException('That username is already in use on this system.');
-        }
-    }
-
-    /**
-     * @param $useOAuthSignup
-     *
-     * @throws ApplicationLogicException
-     * @throws Exception
-     */
-    protected function handlePost($useOAuthSignup)
-    {
-        // Get the data
-        $emailAddress = WebRequest::postEmail('email');
-        $password = WebRequest::postString('pass');
-        $username = WebRequest::postString('name');
-
-        // Only set if OAuth is disabled
-        $confirmationId = WebRequest::postInt('conf_revid');
-        $onwikiUsername = WebRequest::postString('wname');
-
-        // Do some validation
-        $this->validateRequest($emailAddress, $password, $username, $useOAuthSignup, $confirmationId,
-            $onwikiUsername);
-
-        $database = $this->getDatabase();
-
-        $user = new User();
-        $user->setDatabase($database);
-
-        $user->setUsername($username);
-        $user->setEmail($emailAddress);
-
-        if (!$useOAuthSignup) {
-            $user->setOnWikiName($onwikiUsername);
-            $user->setConfirmationDiff($confirmationId);
-        }
-
-        $user->save();
-
-        $passwordCredentialProvider = new PasswordCredentialProvider($database, $this->getSiteConfiguration());
-        $passwordCredentialProvider->setCredential($user, 1, $password);
-
-        $defaultRole = $this->getDefaultRole();
-
-        $role = new UserRole();
-        $role->setDatabase($database);
-        $role->setUser($user->getId());
-        $role->setRole($defaultRole);
-        $role->save();
-
-        // Log now to get the signup date.
-        Logger::newUser($database, $user);
-        Logger::userRolesEdited($database, $user, 'Registration', array($defaultRole), array());
-
-        if ($useOAuthSignup) {
-            $oauthProtocolHelper = $this->getOAuthProtocolHelper();
-            $oauth = new OAuthUserHelper($user, $database, $oauthProtocolHelper, $this->getSiteConfiguration());
-
-            $authoriseUrl = $oauth->getRequestToken();
-            WebRequest::setOAuthPartialLogin($user);
-            $this->redirectUrl($authoriseUrl);
-        }
-        else {
-            // only notify if we're not using the oauth signup.
-            $this->getNotificationHelper()->userNew($user);
-            WebRequest::setLoggedInUser($user);
-            $this->redirect('preferences');
-        }
-    }
-
-    protected abstract function getDefaultRole();
-
-    /**
-     * Entry point for registration complete
-     * @throws Exception
-     */
-    protected function done()
-    {
-        $this->setTemplate('registration/alert-registrationcomplete.tpl');
-    }
-
-    protected function applyErrorValues()
-    {
-        $this->assign('tplUsername', WebRequest::postString('name'));
-        $this->assign('tplEmail', WebRequest::postString('email'));
-        $this->assign('tplWikipediaUsername', WebRequest::postString('wname'));
-        $this->assign('tplConfRevId', WebRequest::postInt('conf_revid'));
-    }}
+	/**
+	 * Main function for this page, when no specific actions are called.
+	 * @throws AccessDeniedException
+	 * @throws ApplicationLogicException
+	 * @throws Exception
+	 */
+	protected function main()
+	{
+		$useOAuthSignup = $this->getSiteConfiguration()->getUseOAuthSignup();
+		if (! $this->getSiteConfiguration()->isRegistrationAllowed()) {
+		   throw new AccessDeniedException();
+		}
+
+		// Dual-mode page
+		if (WebRequest::wasPosted()) {
+			$this->validateCSRFToken();
+
+			try {
+				$this->handlePost($useOAuthSignup);
+			}
+			catch (ApplicationLogicException $ex) {
+				SessionAlert::error($ex->getMessage());
+
+				$this->getDatabase()->rollBack();
+
+				$this->assignCSRFToken();
+				$this->assign("useOAuthSignup", $useOAuthSignup);
+				$this->applyErrorValues();
+				$this->setTemplate($this->getRegistrationTemplate());
+				$this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
+			}
+		}
+		else {
+			$this->assignCSRFToken();
+			$this->assign("useOAuthSignup", $useOAuthSignup);
+			$this->setTemplate($this->getRegistrationTemplate());
+			$this->addJs("/vendor/dropbox/zxcvbn/dist/zxcvbn.js");
+		}
+	}
+
+	protected abstract function getRegistrationTemplate();
+
+	protected function isProtectedPage()
+	{
+		return false;
+	}
+
+	/**
+	 * @param string $emailAddress
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateUniqueEmail($emailAddress)
+	{
+		$query = 'SELECT COUNT(id) FROM user WHERE email = :email';
+		$statement = $this->getDatabase()->prepare($query);
+		$statement->execute(array(':email' => $emailAddress));
+
+		if ($statement->fetchColumn() > 0) {
+			throw new ApplicationLogicException('That email address is already in use on this system.');
+		}
+
+		$statement->closeCursor();
+	}
+
+	/**
+	 * @param $emailAddress
+	 * @param $password
+	 * @param $username
+	 * @param $useOAuthSignup
+	 * @param $confirmationId
+	 * @param $onwikiUsername
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateRequest(
+		$emailAddress,
+		$password,
+		$username,
+		$useOAuthSignup,
+		$confirmationId,
+		$onwikiUsername
+	) {
+		if (!WebRequest::postBoolean('guidelines')) {
+			throw new ApplicationLogicException('You must read the interface guidelines before your request may be submitted.');
+		}
+
+		$this->validateGeneralInformation($emailAddress, $password, $username);
+		$this->validateUniqueEmail($emailAddress);
+		$this->validateNonOAuthFields($useOAuthSignup, $confirmationId, $onwikiUsername);
+	}
+
+	/**
+	 * @param $useOAuthSignup
+	 * @param $confirmationId
+	 * @param $onwikiUsername
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateNonOAuthFields($useOAuthSignup, $confirmationId, $onwikiUsername)
+	{
+		if (!$useOAuthSignup) {
+			if ($confirmationId === null || $confirmationId <= 0) {
+				throw new ApplicationLogicException('Please enter the revision id of your confirmation edit.');
+			}
+
+			if ($onwikiUsername === null) {
+				throw new ApplicationLogicException('Please specify your on-wiki username.');
+			}
+		}
+	}
+
+	/**
+	 * @param $emailAddress
+	 * @param $password
+	 * @param $username
+	 *
+	 * @throws ApplicationLogicException
+	 */
+	protected function validateGeneralInformation($emailAddress, $password, $username)
+	{
+		if ($emailAddress === null) {
+			throw new ApplicationLogicException('Your email address appears to be invalid!');
+		}
+
+		if ($password !== WebRequest::postString('pass2')) {
+			throw new ApplicationLogicException('Your passwords did not match, please try again.');
+		}
+
+		if (User::getByUsername($username, $this->getDatabase()) !== false) {
+			throw new ApplicationLogicException('That username is already in use on this system.');
+		}
+	}
+
+	/**
+	 * @param $useOAuthSignup
+	 *
+	 * @throws ApplicationLogicException
+	 * @throws Exception
+	 */
+	protected function handlePost($useOAuthSignup)
+	{
+		// Get the data
+		$emailAddress = WebRequest::postEmail('email');
+		$password = WebRequest::postString('pass');
+		$username = WebRequest::postString('name');
+
+		// Only set if OAuth is disabled
+		$confirmationId = WebRequest::postInt('conf_revid');
+		$onwikiUsername = WebRequest::postString('wname');
+
+		// Do some validation
+		$this->validateRequest($emailAddress, $password, $username, $useOAuthSignup, $confirmationId,
+			$onwikiUsername);
+
+		$database = $this->getDatabase();
+
+		$user = new User();
+		$user->setDatabase($database);
+
+		$user->setUsername($username);
+		$user->setEmail($emailAddress);
+
+		if (!$useOAuthSignup) {
+			$user->setOnWikiName($onwikiUsername);
+			$user->setConfirmationDiff($confirmationId);
+		}
+
+		$user->save();
+
+		$passwordCredentialProvider = new PasswordCredentialProvider($database, $this->getSiteConfiguration());
+		$passwordCredentialProvider->setCredential($user, 1, $password);
+
+		$defaultRole = $this->getDefaultRole();
+
+		$role = new UserRole();
+		$role->setDatabase($database);
+		$role->setUser($user->getId());
+		$role->setRole($defaultRole);
+		$role->save();
+
+		// Log now to get the signup date.
+		Logger::newUser($database, $user);
+		Logger::userRolesEdited($database, $user, 'Registration', array($defaultRole), array());
+
+		if ($useOAuthSignup) {
+			$oauthProtocolHelper = $this->getOAuthProtocolHelper();
+			$oauth = new OAuthUserHelper($user, $database, $oauthProtocolHelper, $this->getSiteConfiguration());
+
+			$authoriseUrl = $oauth->getRequestToken();
+			WebRequest::setOAuthPartialLogin($user);
+			$this->redirectUrl($authoriseUrl);
+		}
+		else {
+			// only notify if we're not using the oauth signup.
+			$this->getNotificationHelper()->userNew($user);
+			WebRequest::setLoggedInUser($user);
+			$this->redirect('preferences');
+		}
+	}
+
+	protected abstract function getDefaultRole();
+
+	/**
+	 * Entry point for registration complete
+	 * @throws Exception
+	 */
+	protected function done()
+	{
+		$this->setTemplate('registration/alert-registrationcomplete.tpl');
+	}
+
+	protected function applyErrorValues()
+	{
+		$this->assign('tplUsername', WebRequest::postString('name'));
+		$this->assign('tplEmail', WebRequest::postString('email'));
+		$this->assign('tplWikipediaUsername', WebRequest::postString('wname'));
+		$this->assign('tplConfRevId', WebRequest::postInt('conf_revid'));
+	}}