UserHelper, CLI: add a method to check user password

This commit is contained in:
Andrew Dolgov 2022-06-10 22:16:48 +03:00
parent 8632c39eb2
commit d4be821825
No known key found for this signature in database
GPG Key ID: 1A56B4FA25D4AF2A
2 changed files with 50 additions and 12 deletions

View File

@ -362,18 +362,14 @@ class UserHelper {
return null;
}
static function is_default_password(): bool {
/** @var Auth_Internal|false $authenticator -- this is only here to make check_password() visible to static analyzer */
$authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
if ($authenticator &&
method_exists($authenticator, "check_password") &&
$authenticator->check_password($_SESSION["uid"], "password")) {
return true;
}
return false;
/**
* @param null|int $owner_uid if null, checks current user via session-specific auth module, if set works on internal database only
* @return bool
* @throws PDOException
* @throws Exception
*/
static function is_default_password(?int $owner_uid = null): bool {
return self::user_has_password($owner_uid, 'password');
}
/**
@ -492,4 +488,30 @@ class UserHelper {
return false;
}
/**
* @param null|int $owner_uid if null, checks current user via session-specific auth module, if set works on internal database only
* @param string $password password to compare hash against
* @return bool
*/
static function user_has_password(?int $owner_uid = null, string $password) : bool {
if ($owner_uid) {
$authenticator = new Auth_Internal();
return $authenticator->check_password($owner_uid, $password);
} else {
/** @var Auth_Internal|false $authenticator -- this is only here to make check_password() visible to static analyzer */
$authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
if ($authenticator &&
method_exists($authenticator, "check_password") &&
$authenticator->check_password($_SESSION["uid"], $password)) {
return true;
}
}
return false;
}
}

View File

@ -101,6 +101,7 @@
"user-list" => "list all users",
"user-add:" => ["USER[:PASSWORD[:ACCESS_LEVEL=0]]", "add USER, prompts for password if unset"],
"user-remove:" => ["USERNAME", "remove USER"],
"user-check-password:" => ["USER:PASSWORD", "returns 0 if user has specified PASSWORD"],
"user-set-password:" => ["USER:PASSWORD", "sets PASSWORD of specified USER"],
"user-set-access-level:" => ["USER:LEVEL", "sets access LEVEL of specified USER"],
"user-exists:" => ["USER", "returns 0 if specified USER exists in the database"],
@ -535,6 +536,21 @@
exit(1);
}
if (isset($options["user-check-password"])) {
list ($login, $password) = explode(":", $options["user-check-password"], 2);
$uid = UserHelper::find_user_by_login($login);
if (!$uid) {
Debug::log("Error: User not found: $login");
exit(1);
}
$rc = UserHelper::user_has_password($uid, $password);
exit($rc ? 0 : 1);
}
PluginHost::getInstance()->run_commands($options);
if (file_exists(Config::get(Config::LOCK_DIRECTORY) . "/$lock_filename"))