add PasswordApi

CHANGELOG-1.4.md

@@ -21,6 +21,7 @@ CHANGELOG - ZIKULA 1.4.x
     - Fetch Webshim (vendor) using composer (#3271, #3262).
     - Removed custom JS compression from Jenkins build in favor of AssetMerger service (#3272, #3250).
     - Template overrides are also considered in sub requests (e.g. embedding a Formicula form into a Content page) (#3234).
+    - Implement PasswordApi in ZAuthModule (#3175, #3289)
 
  - Vendor updates:
     - afarkas/webshim installed at 1.16.0

composer.json

@@ -69,6 +69,7 @@
         "vierbergenlars/php-semver": "~3.0",
         "zikula/wizard": "dev-master",
         "zikula/filesystem": "dev-master",
+        "ircmaxell/random-lib": "1.*",
 
 
         "zikula/jquery-bundle": "dev-master",

src/docs/Core-2.0/Api/PasswordApi.md

@@ -0,0 +1,16 @@
+PasswordApi
+===========
+
+classname: \Zikula\ZAuthModule\Api\PasswordApi
+
+service id="zikula_zauth_module.api.password"
+
+This class is used to manage passwords. 
+
+The class makes the following methods available:
+
+    - getHashedPassword($unhashedPassword, $hashMethodCode = self::DEFAULT_HASH_METHOD_CODE)
+    - generatePassword($length = self::MIN_LENGTH)
+    - passwordsMatch($unhashedPassword, $hashedPassword)
+
+The class is fully tested.

src/lib/Zikula/Bundle/CoreInstallerBundle/Controller/AjaxInstallController.php

@@ -252,7 +252,7 @@ private function updateAdmin()
         $mapping->setUname($userEntity->getUname());
         $mapping->setEmail($userEntity->getEmail());
         $mapping->setVerifiedEmail(true);
-        $mapping->setPass(\UserUtil::getHashedPassword($params['password'], \UserUtil::getPasswordHashMethodCode(ZAuthConstant::DEFAULT_HASH_METHOD))); // @todo
+        $mapping->setPass($this->container->get('zikula_zauth_module.api.password')->getHashedPassword($params['password']));
         $mapping->setMethod(ZAuthConstant::AUTHENTICATION_METHOD_UNAME);
         $entityManager->persist($mapping);
 

src/lib/Zikula/Bundle/CoreInstallerBundle/Resources/config/validators.yml

@@ -11,6 +11,10 @@ services:
 
     zikula_core_installer_bundle.validator.constraints.authenticate_admin_login_validator:
         class: %zikula_core_installer_bundle.validator.constraints.authenticate_admin_login_validator.class%
-        arguments: ["@zikula_permissions_module.api.permission", "@doctrine.dbal.default_connection", "@translator.default"]
+        arguments:
+            - "@zikula_permissions_module.api.permission"
+            - "@doctrine.dbal.default_connection"
+            - "@translator.default"
+            - "@zikula_zauth_module.api.password"
         tags:
             - { name: validator.constraint_validator, alias: zikula.core_installer.authenticate_admin_login.validator }

src/lib/Zikula/Bundle/CoreInstallerBundle/Validator/Constraints/AuthenticateAdminLoginValidator.php

@@ -17,6 +17,7 @@
 use Zikula\Common\Translator\TranslatorInterface;
 use Zikula\Common\Translator\TranslatorTrait;
 use Zikula\PermissionsModule\Api\PermissionApi;
+use Zikula\ZAuthModule\Api\PasswordApi;
 
 class AuthenticateAdminLoginValidator extends ConstraintValidator
 {
@@ -32,17 +33,24 @@ class AuthenticateAdminLoginValidator extends ConstraintValidator
      */
     private $databaseConnection;
 
+    /**
+     * @var PasswordApi
+     */
+    private $passwordApi;
+
     /**
      * AuthenticateAdminLoginValidator constructor.
      * @param PermissionApi $permissionApi
      * @param Connection $connection
      * @param TranslatorInterface $translator
+     * @param PasswordApi $passwordApi
      */
-    public function __construct(PermissionApi $permissionApi, Connection $connection, TranslatorInterface $translator)
+    public function __construct(PermissionApi $permissionApi, Connection $connection, TranslatorInterface $translator, PasswordApi $passwordApi)
     {
         $this->permissionApi = $permissionApi;
         $this->databaseConnection = $connection;
         $this->setTranslator($translator);
+        $this->passwordApi = $passwordApi;
     }
 
     public function setTranslator($translator)
@@ -68,7 +76,7 @@ public function validate($object, Constraint $constraint)
             ;
         }
 
-        if (empty($user) || ($user['uid'] <= 1) || (!\UserUtil::passwordsMatch($object['password'], $user['pass']))) { // @todo
+        if (empty($user) || ($user['uid'] <= 1) || (!$this->passwordApi->passwordsMatch($object['password'], $user['pass']))) {
             $this->context->buildViolation($this->__('Error! Could not login with provided credentials. Please try again.'))
                 ->addViolation();
         } else {