partkeepr

fork of partkeepr

ChangePasswordAction.php (3086B)


      1 <?php
      2 
      3 namespace PartKeepr\AuthBundle\Action;
      4 
      5 use Dunglas\ApiBundle\Action\ActionUtilTrait;
      6 use FOS\UserBundle\Model\UserManagerInterface;
      7 use FOS\UserBundle\Util\UserManipulator;
      8 use PartKeepr\AuthBundle\Exceptions\OldPasswordWrongException;
      9 use PartKeepr\AuthBundle\Exceptions\PasswordChangeNotAllowedException;
     10 use PartKeepr\AuthBundle\Services\UserService;
     11 use Symfony\Component\DependencyInjection\ContainerInterface;
     12 use Symfony\Component\HttpFoundation\Request;
     13 use Symfony\Component\Security\Core\Encoder\EncoderFactory;
     14 
     15 class ChangePasswordAction
     16 {
     17     use ActionUtilTrait;
     18 
     19     /**
     20      * @var UserService
     21      */
     22     private $userService;
     23 
     24     /**
     25      * @var UserManipulator
     26      */
     27     private $userManipulator;
     28 
     29     /**
     30      * @var EncoderFactory
     31      */
     32     private $encoderFactory;
     33 
     34     /**
     35      * @var UserManagerInterface
     36      */
     37     private $userManager;
     38 
     39     /**
     40      * @var ContainerInterface
     41      */
     42     private $container;
     43 
     44     public function __construct(
     45         UserService $userService,
     46         UserManipulator $userManipulator,
     47         EncoderFactory $encoderFactory,
     48         UserManagerInterface $userManager,
     49         ContainerInterface $container
     50     ) {
     51         $this->userService = $userService;
     52         $this->userManipulator = $userManipulator;
     53         $this->encoderFactory = $encoderFactory;
     54         $this->userManager = $userManager;
     55         $this->container = $container;
     56     }
     57 
     58     public function __invoke(Request $request)
     59     {
     60         if ($this->container->hasParameter('partkeepr.auth.allow_password_change') &&
     61             $this->container->getParameter('partkeepr.auth.allow_password_change') === false) {
     62             throw new PasswordChangeNotAllowedException();
     63         }
     64 
     65         $user = $this->userService->getUser();
     66 
     67         if (!$request->request->has('oldpassword') && !$request->request->has('newpassword')) {
     68             throw new \Exception('old password and new password need to be specified');
     69         }
     70 
     71         $FOSUser = $this->userManager->findUserByUsername($user->getUsername());
     72 
     73         if ($FOSUser !== null) {
     74             $encoder = $this->encoderFactory->getEncoder($FOSUser);
     75             $encoded_pass = $encoder->encodePassword($request->request->get('oldpassword'), $FOSUser->getSalt());
     76 
     77             if ($FOSUser->getPassword() != $encoded_pass) {
     78                 throw new OldPasswordWrongException();
     79             }
     80 
     81             $this->userManipulator->changePassword($user->getUsername(), $request->request->get('newpassword'));
     82         } else {
     83             if ($user->isLegacy()) {
     84                 if ($user->getPassword() !== md5($request->request->get('oldpassword'))) {
     85                     throw new OldPasswordWrongException();
     86                 }
     87 
     88                 $user->setNewPassword($request->request->get('newpassword'));
     89 
     90                 $this->userService->syncData($user);
     91             } else {
     92                 throw new \Exception('Cannot change password for LDAP users');
     93             }
     94         }
     95 
     96         $user->setPassword('');
     97         $user->setNewPassword('');
     98 
     99         return $user;
    100     }
    101 }