UserHelper, CLI: add a method to check user password
This commit is contained in:
parent
8632c39eb2
commit
d4be821825
|
@ -362,18 +362,14 @@ class UserHelper {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
static function is_default_password(): bool {
|
/**
|
||||||
|
* @param null|int $owner_uid if null, checks current user via session-specific auth module, if set works on internal database only
|
||||||
/** @var Auth_Internal|false $authenticator -- this is only here to make check_password() visible to static analyzer */
|
* @return bool
|
||||||
$authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
|
* @throws PDOException
|
||||||
|
* @throws Exception
|
||||||
if ($authenticator &&
|
*/
|
||||||
method_exists($authenticator, "check_password") &&
|
static function is_default_password(?int $owner_uid = null): bool {
|
||||||
$authenticator->check_password($_SESSION["uid"], "password")) {
|
return self::user_has_password($owner_uid, 'password');
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -492,4 +488,30 @@ class UserHelper {
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param null|int $owner_uid if null, checks current user via session-specific auth module, if set works on internal database only
|
||||||
|
* @param string $password password to compare hash against
|
||||||
|
* @return bool
|
||||||
|
*/
|
||||||
|
static function user_has_password(?int $owner_uid = null, string $password) : bool {
|
||||||
|
if ($owner_uid) {
|
||||||
|
$authenticator = new Auth_Internal();
|
||||||
|
|
||||||
|
return $authenticator->check_password($owner_uid, $password);
|
||||||
|
} else {
|
||||||
|
/** @var Auth_Internal|false $authenticator -- this is only here to make check_password() visible to static analyzer */
|
||||||
|
$authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]);
|
||||||
|
|
||||||
|
if ($authenticator &&
|
||||||
|
method_exists($authenticator, "check_password") &&
|
||||||
|
$authenticator->check_password($_SESSION["uid"], $password)) {
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
16
update.php
16
update.php
|
@ -101,6 +101,7 @@
|
||||||
"user-list" => "list all users",
|
"user-list" => "list all users",
|
||||||
"user-add:" => ["USER[:PASSWORD[:ACCESS_LEVEL=0]]", "add USER, prompts for password if unset"],
|
"user-add:" => ["USER[:PASSWORD[:ACCESS_LEVEL=0]]", "add USER, prompts for password if unset"],
|
||||||
"user-remove:" => ["USERNAME", "remove USER"],
|
"user-remove:" => ["USERNAME", "remove USER"],
|
||||||
|
"user-check-password:" => ["USER:PASSWORD", "returns 0 if user has specified PASSWORD"],
|
||||||
"user-set-password:" => ["USER:PASSWORD", "sets PASSWORD of specified USER"],
|
"user-set-password:" => ["USER:PASSWORD", "sets PASSWORD of specified USER"],
|
||||||
"user-set-access-level:" => ["USER:LEVEL", "sets access LEVEL of specified USER"],
|
"user-set-access-level:" => ["USER:LEVEL", "sets access LEVEL of specified USER"],
|
||||||
"user-exists:" => ["USER", "returns 0 if specified USER exists in the database"],
|
"user-exists:" => ["USER", "returns 0 if specified USER exists in the database"],
|
||||||
|
@ -535,6 +536,21 @@
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (isset($options["user-check-password"])) {
|
||||||
|
list ($login, $password) = explode(":", $options["user-check-password"], 2);
|
||||||
|
|
||||||
|
$uid = UserHelper::find_user_by_login($login);
|
||||||
|
|
||||||
|
if (!$uid) {
|
||||||
|
Debug::log("Error: User not found: $login");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
$rc = UserHelper::user_has_password($uid, $password);
|
||||||
|
|
||||||
|
exit($rc ? 0 : 1);
|
||||||
|
}
|
||||||
|
|
||||||
PluginHost::getInstance()->run_commands($options);
|
PluginHost::getInstance()->run_commands($options);
|
||||||
|
|
||||||
if (file_exists(Config::get(Config::LOCK_DIRECTORY) . "/$lock_filename"))
|
if (file_exists(Config::get(Config::LOCK_DIRECTORY) . "/$lock_filename"))
|
||||||
|
|
Loading…
Reference in New Issue