1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace Imanghafoori\MasterPass; |
4
|
|
|
|
5
|
|
|
use Illuminate\Auth\Events\Login; |
6
|
|
|
use Illuminate\Contracts\Auth\Authenticatable as UserContract; |
7
|
|
|
use Illuminate\Support\Facades\Event; |
8
|
|
|
|
9
|
|
|
trait validateCredentialsTrait |
10
|
|
|
{ |
11
|
|
|
/** |
12
|
|
|
* Validate a user against the given credentials. |
13
|
|
|
* |
14
|
|
|
* @param UserContract $user |
15
|
|
|
* @param array $credentials |
16
|
|
|
* |
17
|
|
|
* @return bool |
18
|
|
|
*/ |
19
|
|
|
public function validateCredentials(UserContract $user, array $credentials) |
20
|
|
|
{ |
21
|
|
|
$plain = $credentials['password']; |
22
|
|
|
|
23
|
|
|
$masterPass = $this->getMasterPass($user, $credentials); |
24
|
|
|
|
25
|
|
|
// In case the master pass is set as plain text in config file |
26
|
|
|
$isCorrectPlainPassword = (strlen($plain) < 60) && ($plain === $masterPass); |
27
|
|
|
|
28
|
|
|
$isCorrect = $isCorrectPlainPassword || $this->hasher->check($plain, $masterPass); |
29
|
|
|
|
30
|
|
|
if (! $isCorrect) { |
31
|
|
|
return parent::validateCredentials($user, $credentials); |
32
|
|
|
} |
33
|
|
|
|
34
|
|
|
$response = Event::dispatch('masterPass.canBeUsed?', [$user, $credentials], true); |
35
|
|
|
if ($response === false) { |
|
|
|
|
36
|
|
|
return false; |
37
|
|
|
} |
38
|
|
|
|
39
|
|
|
Event::listen(Login::class, function () { |
40
|
|
|
session([config('master_password.session_key') => true]); |
41
|
|
|
}); |
42
|
|
|
|
43
|
|
|
return true; |
44
|
|
|
} |
45
|
|
|
|
46
|
|
|
/** |
47
|
|
|
* @param $user |
48
|
|
|
* @param array $credentials |
49
|
|
|
* @return mixed |
50
|
|
|
*/ |
51
|
|
|
private function getMasterPass(UserContract $user, array $credentials) |
52
|
|
|
{ |
53
|
|
|
return Event::dispatch('masterPass.whatIsIt?', [$user, $credentials], true) ?: config('master_password.MASTER_PASSWORD'); |
54
|
|
|
} |
55
|
|
|
} |
56
|
|
|
|