1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
/** |
4
|
|
|
* _ __ __ _____ _____ ___ ____ _____ |
5
|
|
|
* | | / // // ___//_ _// || __||_ _| |
6
|
|
|
* | |/ // /(__ ) / / / /| || | | | |
7
|
|
|
* |___//_//____/ /_/ /_/ |_||_| |_| |
8
|
|
|
* @link https://vistart.me/ |
9
|
|
|
* @copyright Copyright (c) 2016 - 2017 vistart |
10
|
|
|
* @license https://vistart.me/license/ |
11
|
|
|
*/ |
12
|
|
|
|
13
|
|
|
namespace rhosocial\base\models\traits; |
14
|
|
|
|
15
|
|
|
use Yii; |
16
|
|
|
use yii\base\ModelEvent; |
17
|
|
|
|
18
|
|
|
/** |
19
|
|
|
* User features concerning password. |
20
|
|
|
* |
21
|
|
|
* Notice! Please DO NOT change password throughout modifying `pass_hash` property, |
22
|
|
|
* use `setPassword()` magic property instead! |
23
|
|
|
* |
24
|
|
|
* Set or directly reset password: |
25
|
|
|
* ```php |
26
|
|
|
* $this->password = '<new password>'; // 'afterSetPassword' event will be triggered. |
27
|
|
|
* $this->save(); |
28
|
|
|
* ``` |
29
|
|
|
* |
30
|
|
|
* @property-write string $password New password to be set. |
31
|
|
|
* @property array $passwordHashRules |
32
|
|
|
* @property array $passwordResetTokenRules |
33
|
|
|
* @property array $rules |
34
|
|
|
* @version 1.0 |
35
|
|
|
* @author vistart <[email protected]> |
36
|
|
|
*/ |
37
|
|
|
trait PasswordTrait |
38
|
|
|
{ |
39
|
|
|
|
40
|
|
|
public static $eventAfterSetPassword = "afterSetPassword"; |
41
|
|
|
public static $eventBeforeValidatePassword = "beforeValidatePassword"; |
42
|
|
|
public static $eventValidatePasswordSucceeded = "validatePasswordSucceeded"; |
43
|
|
|
public static $eventValidatePasswordFailed = "validatePasswordFailed"; |
44
|
|
|
public static $eventBeforeResetPassword = "beforeResetPassword"; |
45
|
|
|
public static $eventAfterResetPassword = "afterResetPassword"; |
46
|
|
|
public static $eventResetPasswordFailed = "resetPasswordFailed"; |
47
|
|
|
public static $eventNewPasswordAppliedFor = "newPasswordAppliedFor"; |
48
|
|
|
public static $eventPasswordResetTokenGenerated = "passwordResetTokenGenerated"; |
49
|
|
|
|
50
|
|
|
/** |
51
|
|
|
* @var string The name of attribute used for storing password hash. |
52
|
|
|
* We strongly recommend you not to change `pass_hash` property directly, |
53
|
|
|
* please use setPassword() magic property instead. |
54
|
|
|
*/ |
55
|
|
|
public $passwordHashAttribute = 'pass_hash'; |
56
|
|
|
|
57
|
|
|
/** |
58
|
|
|
* @var string The name of attribute used for storing password reset token. |
59
|
|
|
* If you do not want to provide password reset feature, please set `false`. |
60
|
|
|
*/ |
61
|
|
|
public $passwordResetTokenAttribute = 'password_reset_token'; |
62
|
|
|
|
63
|
|
|
/** |
64
|
|
|
* @var integer Cost parameter used by the Blowfish hash algorithm. |
65
|
|
|
*/ |
66
|
|
|
public $passwordCost = 13; |
67
|
|
|
|
68
|
|
|
/** |
69
|
|
|
* @var integer if $passwordHashStrategy equals 'crypt', this value statically |
70
|
|
|
* equals 60. |
71
|
|
|
*/ |
72
|
|
|
public $passwordHashAttributeLength = 60; |
73
|
|
|
private $passwordHashRules = []; |
74
|
|
|
private $passwordResetTokenRules = []; |
75
|
|
|
|
76
|
|
|
/** |
77
|
|
|
* Return the empty password specialty. |
78
|
|
|
* NOTE: PLEASE OVERRIDE THIS METHOD TO SPECIFY YOUR OWN EMPTY PASSWORD SPECIALTY. |
79
|
|
|
* - The length of specialty should be greater than 18. |
80
|
|
|
* - Uppercase and lowercase letters, punctuation marks, numbers, and underscores are required. |
81
|
|
|
* @return string The string regarded as empty password. |
82
|
|
|
*/ |
83
|
7 |
|
protected function getEmptyPasswordSpecialty() |
84
|
|
|
{ |
85
|
7 |
|
return 'Rrvl-7}cXt_<iAx[5s'; |
86
|
|
|
} |
87
|
|
|
|
88
|
|
|
protected $_password; |
89
|
|
|
|
90
|
|
|
/** |
91
|
|
|
* Get rules of password hash. |
92
|
|
|
* @return array password hash rules. |
93
|
|
|
*/ |
94
|
288 |
|
public function getPasswordHashRules() |
95
|
|
|
{ |
96
|
288 |
|
if (!is_string($this->passwordHashAttribute) || empty($this->passwordHashAttribute)) { |
97
|
|
|
return []; |
98
|
|
|
} |
99
|
288 |
|
if (empty($this->passwordHashRules) || !is_array($this->passwordHashRules)) { |
100
|
286 |
|
$this->passwordHashRules = [ |
101
|
286 |
|
[[$this->passwordHashAttribute], 'string', 'max' => $this->passwordHashAttributeLength], |
102
|
|
|
]; |
103
|
|
|
} |
104
|
288 |
|
return $this->passwordHashRules; |
105
|
|
|
} |
106
|
|
|
|
107
|
|
|
/** |
108
|
|
|
* Set rules of password hash. |
109
|
|
|
* @param array $rules password hash rules. |
110
|
|
|
*/ |
111
|
2 |
|
public function setPasswordHashRules($rules) |
112
|
|
|
{ |
113
|
2 |
|
if (!empty($rules) && is_array($rules)) { |
114
|
2 |
|
$this->passwordHashRules = $rules; |
115
|
|
|
} |
116
|
2 |
|
} |
117
|
|
|
|
118
|
|
|
/** |
119
|
|
|
* Get the rules associated with password reset token attribute. |
120
|
|
|
* If password reset feature is not enabled, the empty array will be given. |
121
|
|
|
* @return mixed |
122
|
|
|
*/ |
123
|
288 |
|
public function getPasswordResetTokenRules() |
124
|
|
|
{ |
125
|
288 |
|
if (!is_string($this->passwordResetTokenAttribute) || empty($this->passwordResetTokenAttribute)) { |
126
|
|
|
return []; |
127
|
|
|
} |
128
|
288 |
|
if (empty($this->passwordResetTokenRules) || !is_array($this->passwordResetTokenRules)) { |
129
|
286 |
|
$this->passwordResetTokenRules = [ |
130
|
286 |
|
[[$this->passwordResetTokenAttribute], 'string', 'length' => 40], |
131
|
286 |
|
[[$this->passwordResetTokenAttribute], 'unique'], |
132
|
|
|
]; |
133
|
|
|
} |
134
|
288 |
|
return $this->passwordResetTokenRules; |
135
|
|
|
} |
136
|
|
|
|
137
|
|
|
/** |
138
|
|
|
* Set the rules associated with password reset token attribute. |
139
|
|
|
* @param mixed $rules |
140
|
|
|
*/ |
141
|
3 |
|
public function setPasswordResetTokenRules($rules) |
142
|
|
|
{ |
143
|
3 |
|
if (!empty($rules) && is_array($rules)) { |
144
|
2 |
|
$this->passwordResetTokenRules = $rules; |
145
|
|
|
} |
146
|
3 |
|
} |
147
|
|
|
|
148
|
|
|
/** |
149
|
|
|
* Generates a secure hash from a password and a random salt. |
150
|
|
|
* |
151
|
|
|
* The generated hash can be stored in database. |
152
|
|
|
* Later when a password needs to be validated, the hash can be fetched and passed |
153
|
|
|
* to [[validatePassword()]]. For example, |
154
|
|
|
* |
155
|
|
|
* ~~~ |
156
|
|
|
* // generates the hash (usually done during user registration or when the password is changed) |
157
|
|
|
* $hash = Yii::$app->getSecurity()->generatePasswordHash($password); |
158
|
|
|
* // ...save $hash in database... |
159
|
|
|
* |
160
|
|
|
* // during login, validate if the password entered is correct using $hash fetched from database |
161
|
|
|
* if (Yii::$app->getSecurity()->validatePassword($password, $hash) { |
162
|
|
|
* // password is good |
163
|
|
|
* } else { |
164
|
|
|
* // password is bad |
165
|
|
|
* } |
166
|
|
|
* ~~~ |
167
|
|
|
* |
168
|
|
|
* @param string $password The password to be hashed. |
169
|
|
|
* @return string The password hash string. When [[passwordHashStrategy]] is set to 'crypt', |
170
|
|
|
* the output is always 60 ASCII characters, when set to 'password_hash' the output length |
171
|
|
|
* might increase in future versions of PHP (http://php.net/manual/en/function.password-hash.php) |
172
|
|
|
*/ |
173
|
191 |
|
public function generatePasswordHash($password) |
174
|
|
|
{ |
175
|
191 |
|
return Yii::$app->security->generatePasswordHash((string)$password, $this->passwordCost); |
176
|
|
|
} |
177
|
|
|
|
178
|
|
|
/** |
179
|
|
|
* Verifies a password against a hash. |
180
|
|
|
* @param string $password The password to verify. |
181
|
|
|
* @return boolean whether the password is correct. |
182
|
|
|
*/ |
183
|
9 |
|
public function validatePassword($password) |
184
|
|
|
{ |
185
|
9 |
|
$phAttribute = $this->passwordHashAttribute; |
186
|
9 |
|
$result = Yii::$app->security->validatePassword($password, $this->$phAttribute); |
187
|
9 |
|
if ($result) { |
188
|
8 |
|
$this->trigger(static::$eventValidatePasswordSucceeded); |
|
|
|
|
189
|
8 |
|
return $result; |
190
|
|
|
} |
191
|
2 |
|
$this->trigger(static::$eventValidatePasswordFailed); |
|
|
|
|
192
|
2 |
|
return $result; |
193
|
|
|
} |
194
|
|
|
|
195
|
|
|
/** |
196
|
|
|
* Set new password. |
197
|
|
|
* If $password is empty, the specilty which represents the empty will be taken. |
198
|
|
|
* Finally, it will trigger `static::$eventAfterSetPassword` event. |
199
|
|
|
* @param string $password the new password to be set. |
200
|
|
|
*/ |
201
|
191 |
|
public function setPassword($password = null) |
202
|
|
|
{ |
203
|
191 |
|
if (empty($password)) { |
204
|
2 |
|
$password = $this->getEmptyPasswordSpecialty(); |
205
|
|
|
} |
206
|
191 |
|
$phAttribute = $this->passwordHashAttribute; |
207
|
191 |
|
$this->$phAttribute = $this->generatePasswordHash($password); |
208
|
191 |
|
$this->_password = $password; |
209
|
191 |
|
$this->trigger(static::$eventAfterSetPassword); |
|
|
|
|
210
|
191 |
|
} |
211
|
|
|
|
212
|
|
|
/** |
213
|
|
|
* Set empty password. |
214
|
|
|
*/ |
215
|
4 |
|
public function setEmptyPassword() |
216
|
|
|
{ |
217
|
4 |
|
$this->password = $this->getEmptyPasswordSpecialty(); |
218
|
4 |
|
} |
219
|
|
|
|
220
|
|
|
/** |
221
|
|
|
* Check whether password is empty. |
222
|
|
|
* @return boolean |
223
|
|
|
*/ |
224
|
4 |
|
public function getIsEmptyPassword() |
225
|
|
|
{ |
226
|
|
|
return |
227
|
4 |
|
(!is_string($this->passwordHashAttribute) || empty($this->passwordHashAttribute)) ? |
228
|
4 |
|
true : $this->validatePassword($this->getEmptyPasswordSpecialty()); |
229
|
|
|
} |
230
|
|
|
|
231
|
|
|
/** |
232
|
|
|
* Apply for new password. |
233
|
|
|
* If this model is new one, false will be given, and no events will be triggered. |
234
|
|
|
* If password reset feature is not enabled, `$eventNewPasswordAppliedFor` |
235
|
|
|
* will be triggered and return true directly. |
236
|
|
|
* Otherwise, the new password reset token will be regenerated and saved. Then |
237
|
|
|
* trigger the `$eventNewPasswordAppliedFor` and |
238
|
|
|
* `$eventPasswordResetTokenGenerated` events and return true. |
239
|
|
|
* @return boolean |
240
|
|
|
*/ |
241
|
1 |
|
public function applyForNewPassword() |
242
|
|
|
{ |
243
|
1 |
|
if ($this->isNewRecord) { |
|
|
|
|
244
|
1 |
|
return false; |
245
|
|
|
} |
246
|
1 |
|
if (!is_string($this->passwordResetTokenAttribute)) { |
247
|
|
|
$this->trigger(static::$eventNewPasswordAppliedFor); |
|
|
|
|
248
|
|
|
return true; |
249
|
|
|
} |
250
|
1 |
|
$prtAttribute = $this->passwordResetTokenAttribute; |
251
|
1 |
|
$this->$prtAttribute = static::generatePasswordResetToken(); |
252
|
1 |
|
if (!$this->save()) { |
|
|
|
|
253
|
|
|
$this->trigger(static::$eventResetPasswordFailed); |
|
|
|
|
254
|
|
|
return false; |
255
|
|
|
} |
256
|
1 |
|
$this->trigger(static::$eventNewPasswordAppliedFor); |
|
|
|
|
257
|
1 |
|
$this->trigger(static::$eventPasswordResetTokenGenerated); |
|
|
|
|
258
|
1 |
|
return true; |
259
|
|
|
} |
260
|
|
|
|
261
|
|
|
/** |
262
|
|
|
* Reset password with password reset token. |
263
|
|
|
* It will validate password reset token, before reseting password. |
264
|
|
|
* @param string $password New password to be reset. |
265
|
|
|
* @param string $token Password reset token. |
266
|
|
|
* @return boolean whether reset password successfully or not. |
267
|
|
|
*/ |
268
|
1 |
|
public function resetPassword($password, $token) |
269
|
|
|
{ |
270
|
1 |
|
if (!$this->validatePasswordResetToken($token)) { |
271
|
1 |
|
return false; |
272
|
|
|
} |
273
|
1 |
|
$this->trigger(static::$eventBeforeResetPassword); |
|
|
|
|
274
|
1 |
|
$this->password = $password; |
275
|
1 |
|
if (is_string($this->passwordResetTokenAttribute)) { |
276
|
1 |
|
$this->setPasswordResetToken(); |
277
|
|
|
} |
278
|
1 |
|
if (!$this->save()) { |
|
|
|
|
279
|
|
|
$this->trigger(static::$eventResetPasswordFailed); |
|
|
|
|
280
|
|
|
return false; |
281
|
|
|
} |
282
|
1 |
|
$this->trigger(static::$eventAfterResetPassword); |
|
|
|
|
283
|
1 |
|
return true; |
284
|
|
|
} |
285
|
|
|
|
286
|
|
|
/** |
287
|
|
|
* Generate password reset token. |
288
|
|
|
* @return string |
289
|
|
|
*/ |
290
|
1 |
|
public static function generatePasswordResetToken() |
291
|
|
|
{ |
292
|
1 |
|
return sha1(Yii::$app->security->generateRandomString()); |
293
|
|
|
} |
294
|
|
|
|
295
|
|
|
/** |
296
|
|
|
* The event triggered after new password set. |
297
|
|
|
* The auth key and access token should be regenerated if new password has applied. |
298
|
|
|
* @param ModelEvent $event |
299
|
|
|
*/ |
300
|
9 |
|
public function onAfterSetNewPassword($event) |
301
|
|
|
{ |
302
|
9 |
|
$this->onInitAuthKey($event); |
|
|
|
|
303
|
9 |
|
$this->onInitAccessToken($event); |
|
|
|
|
304
|
9 |
|
} |
305
|
|
|
|
306
|
|
|
/** |
307
|
|
|
* Validate whether the $token is the valid password reset token. |
308
|
|
|
* If password reset feature is not enabled, true will be given. |
309
|
|
|
* @param string $token |
310
|
|
|
* @return boolean whether the token is correct. |
311
|
|
|
*/ |
312
|
1 |
|
protected function validatePasswordResetToken($token) |
313
|
|
|
{ |
314
|
1 |
|
if (!is_string($this->passwordResetTokenAttribute)) { |
315
|
|
|
return true; |
316
|
|
|
} |
317
|
1 |
|
return $this->getPasswordResetToken() === $token; |
318
|
|
|
} |
319
|
|
|
|
320
|
|
|
/** |
321
|
|
|
* Initialize password reset token attribute. |
322
|
|
|
* @param ModelEvent $event |
323
|
|
|
*/ |
324
|
300 |
|
public function onInitPasswordResetToken($event) |
325
|
|
|
{ |
326
|
300 |
|
$sender = $event->sender; |
327
|
300 |
|
if (!is_string($sender->passwordResetTokenAttribute)) { |
328
|
|
|
return; |
329
|
|
|
} |
330
|
300 |
|
$this->setPasswordResetToken(); |
331
|
300 |
|
} |
332
|
|
|
|
333
|
|
|
/** |
334
|
|
|
* Set password reset token. |
335
|
|
|
* @param string $token |
336
|
|
|
* @return string |
337
|
|
|
*/ |
338
|
300 |
|
public function setPasswordResetToken($token = '') |
339
|
|
|
{ |
340
|
300 |
|
return $this->{$this->passwordResetTokenAttribute} = $token; |
341
|
|
|
} |
342
|
|
|
|
343
|
|
|
/** |
344
|
|
|
* Get password reset token. |
345
|
|
|
* @return string |
346
|
|
|
*/ |
347
|
1 |
|
public function getPasswordResetToken() |
348
|
|
|
{ |
349
|
1 |
|
return $this->{$this->passwordResetTokenAttribute}; |
350
|
|
|
} |
351
|
|
|
} |
352
|
|
|
|
This check looks for methods that are used by a trait but not required by it.
To illustrate, let’s look at the following code example
The trait
Idable
provides a methodequalsId
that in turn relies on the methodgetId()
. If this method does not exist on a class mixing in this trait, the method will fail.Adding the
getId()
as an abstract method to the trait will make sure it is available.