Source for file jAuthDriverBase.class.php

Documentation is available at jAuthDriverBase.class.php

  1. <?php
  2. /**
  3. @package    jelix
  4. @subpackage auth_driver
  5. @author      Laurent Jouanneau
  6. @copyright   2011 Laurent Jouanneau
  7. @licence  http://www.gnu.org/licenses/lgpl.html GNU Lesser General Public Licence, see LICENCE file
  8. */
  9.  
  10. /**
  11.  * base class for some jAuth drivers
  12.  */
  13. class jAuthDriverBase {
  14.  
  15.     protected $_params;
  16.     protected $passwordHashMethod;
  17.     protected $passwordHashOptions;
  18.  
  19.     function __construct($params){
  20.         $this->_params = $params;
  21.         $this->passwordHashOptions = $params['password_hash_options'];
  22.         $this->passwordHashMethod = $params['password_hash_method'];
  23.     }
  24.  
  25.     /**
  26.      * hash the given password
  27.      * @param string $password the password to hash
  28.      * @return string the hash password
  29.      */
  30.     public function cryptPassword($password$forceOldHash false{
  31.         if (!$forceOldHash && $this->passwordHashMethod{
  32.             return password_hash($password$this->passwordHashMethod$this->passwordHashOptions);
  33.         }
  34.  
  35.         if (isset($this->_params['password_crypt_function'])) {
  36.             $f $this->_params['password_crypt_function'];
  37.             if ($f != ''{
  38.                 if ($f[1== ':'{
  39.                     $t $f[0];
  40.                     $f substr($f2);
  41.                     if ($t == '1'{
  42.                         return $f((isset($this->_params['password_salt'])?$this->_params['password_salt']:'')$password);
  43.                     }
  44.                     else if ($t == '2'{
  45.                         return $f($this->_params$password);
  46.                     }
  47.                 }
  48.                 return $f($password);
  49.             }
  50.         }
  51.         return $password;
  52.     }
  53.  
  54.     /**
  55.      * @param string $givenPassword     the password to verify
  56.      * @param string $currentPasswordHash the hash of the real password
  57.      * @return boolean|stringfalse if password does not correspond. True if it is ok. A string
  58.      *  containing a new hash if it is ok and need to store a new hash
  59.      */
  60.     public function checkPassword($givenPassword$currentPasswordHash{
  61.         if ($currentPasswordHash[0== '$' && $this->passwordHashMethod{
  62.             // ok, we have hash for standard API, let's use standard API
  63.             if (!password_verify($givenPassword$currentPasswordHash)) {
  64.                 return false;
  65.             }
  66.  
  67.             // check if rehash is needed, 
  68.             if (password_needs_rehash($currentPasswordHash$this->passwordHashMethod$this->passwordHashOptions)) {
  69.                 return password_hash($givenPassword$this->passwordHashMethod,  $this->passwordHashOptions);
  70.             }
  71.         }
  72.         else {
  73.             // verify with the old hash api
  74.             if ($currentPasswordHash != $this->cryptPassword($givenPasswordtrue)) {
  75.                 return false;
  76.             }
  77.  
  78.             if ($this->passwordHashMethod{
  79.                 // if there is a method to hash with the standard API, let's rehash the password
  80.                 return password_hash($givenPassword$this->passwordHashMethod,  $this->passwordHashOptions);
  81.             }
  82.         }
  83.         return true;
  84.     }
  85. }
  86.  
  87.  
  88. /**
  89.  * function to use to crypt password. use the password_salt value in the config
  90.  * file of the plugin.
  91.  * @deprecated
  92.  */
  93. function sha1WithSalt($salt$password{
  94.     return sha1($salt.':'.$password);
  95. }

Documentation generated on Wed, 24 Sep 2014 21:56:23 +0200 by phpDocumentor 1.4.3