From f2cdce29953391437018fcc69d08451d4b4a17f2 Mon Sep 17 00:00:00 2001 From: emkael Date: Thu, 10 Mar 2016 16:32:29 +0100 Subject: * refactoring password hash/verify methods --- app/php/pages/Signup.php | 2 +- app/php/user/DbUser.php | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) (limited to 'app/php') diff --git a/app/php/pages/Signup.php b/app/php/pages/Signup.php index 4ee62dd..e989eb6 100644 --- a/app/php/pages/Signup.php +++ b/app/php/pages/Signup.php @@ -12,7 +12,7 @@ class Signup extends TPage { if ($this->Page->IsValid) { $newUser = new User(); $newUser->Login = $this->Login->SafeText; - $newUser->Password = password_hash($this->Password->Text, PASSWORD_DEFAULT); + $newUser->Password = DbUser::generatePassword($this->Password->Text); $newUser->IsAdmin = $this->Admin->Checked; $newUser->save(); $this->Response->redirect( diff --git a/app/php/user/DbUser.php b/app/php/user/DbUser.php index c8459fa..bb6f78e 100644 --- a/app/php/user/DbUser.php +++ b/app/php/user/DbUser.php @@ -37,7 +37,7 @@ class DbUser extends TDbUser { public function validateUser($login, $password) { $user = User::finder()->findByLogin($login); $dbPassword = $user ? $user->Password : ''; - if (password_verify($password, $dbPassword) && $user) { + if (self::verifyPassword($password, $dbPassword) && $user) { $user->LastLogin = date('Y-m-d H:i:s'); $user->save(); return TRUE; @@ -62,6 +62,14 @@ class DbUser extends TDbUser { } } + public static function generatePassword($password) { + return password_hash($password, PASSWORD_DEFAULT); + } + + public static function verifyPassword($password, $dbPassword) { + return password_verify($password, $dbPassword); + } + } ?> -- cgit v1.2.3