1 | <?php |
||
2 | |||
3 | namespace Imanghafoori\MasterPass; |
||
4 | |||
5 | use Illuminate\Auth\Events\Login; |
||
6 | use Illuminate\Contracts\Auth\Authenticatable as UserContract; |
||
7 | use Illuminate\Support\Facades\Event; |
||
8 | |||
9 | trait validateCredentialsTrait |
||
10 | { |
||
11 | /** |
||
12 | * Validate a user against the given credentials. |
||
13 | * |
||
14 | * @param UserContract $user |
||
15 | * @param array $credentials |
||
16 | * |
||
17 | * @return bool |
||
18 | */ |
||
19 | public function validateCredentials(UserContract $user, array $credentials) |
||
20 | { |
||
21 | $plain = $credentials['password']; |
||
22 | |||
23 | $masterPass = $this->getMasterPass($user, $credentials); |
||
24 | |||
25 | // In case the master pass is set as plain text in config file |
||
26 | $isCorrectPlainPassword = (strlen($plain) < 60) && ($plain === $masterPass); |
||
27 | |||
28 | $isCorrect = $isCorrectPlainPassword || $this->hasher->check($plain, $masterPass); |
||
29 | |||
30 | if (! $isCorrect) { |
||
31 | return parent::validateCredentials($user, $credentials); |
||
32 | } |
||
33 | |||
34 | $response = Event::dispatch('masterPass.canBeUsed?', [$user, $credentials], true); |
||
35 | if ($response === false) { |
||
0 ignored issues
–
show
introduced
by
Loading history...
|
|||
36 | return false; |
||
37 | } |
||
38 | |||
39 | Event::listen(Login::class, function () { |
||
40 | session([config('master_password.session_key') => true]); |
||
41 | }); |
||
42 | |||
43 | return true; |
||
44 | } |
||
45 | |||
46 | /** |
||
47 | * @param $user |
||
48 | * @param array $credentials |
||
49 | * @return mixed |
||
50 | */ |
||
51 | private function getMasterPass(UserContract $user, array $credentials) |
||
52 | { |
||
53 | return Event::dispatch('masterPass.whatIsIt?', [$user, $credentials], true) ?: config('master_password.MASTER_PASSWORD'); |
||
54 | } |
||
55 | } |
||
56 |