Elgg  Version 1.11
Public Member Functions | List of all members
Elgg\PasswordService Class Reference

Public Member Functions

 __construct ()
 Constructor. More...
 
 needsRehash ($hash)
 Determine if the password hash needs to be rehashed. More...
 
 verify ($password, $hash)
 Verify a password against a hash using a timing attack resistant approach. More...
 
 generateHash ($password)
 Hash a password for storage using password_hash() More...
 
 generateLegacyHash (\ElggUser $user, $password)
 Hash a password for storage. More...
 
 sendNewPasswordRequest ($user_guid)
 Generate and send a password request email to a given user's registered email address. More...
 
 forcePasswordReset ($user, $password)
 Set a user's new password and save the entity. More...
 
 executeNewPasswordReset ($user_guid, $conf_code, $password=null)
 Validate and change password for a user. More...
 

Detailed Description

Definition at line 11 of file PasswordService.php.

Constructor & Destructor Documentation

Elgg\PasswordService::__construct ( )

Constructor.

Definition at line 16 of file PasswordService.php.

Member Function Documentation

Elgg\PasswordService::executeNewPasswordReset (   $user_guid,
  $conf_code,
  $password = null 
)

Validate and change password for a user.

Parameters
int$user_guidThe user id
string$conf_codeConfirmation code as sent in the request email.
string$passwordOptional new password, if not randomly generated.
Returns
bool True on success

Definition at line 139 of file PasswordService.php.

Elgg\PasswordService::forcePasswordReset (   $user,
  $password 
)

Set a user's new password and save the entity.

This can only be called from execute_new_password_request().

Parameters
\ElggUser | int$userThe user GUID or entity
string$passwordText (which will then be converted into a hash and stored)
Returns
bool

Definition at line 113 of file PasswordService.php.

Elgg\PasswordService::generateHash (   $password)

Hash a password for storage using password_hash()

Parameters
string$passwordPassword in clear text
Returns
string

Definition at line 54 of file PasswordService.php.

Elgg\PasswordService::generateLegacyHash ( \ElggUser  $user,
  $password 
)

Hash a password for storage.

Currently salted MD5.

Parameters
\ElggUser$userThe user this is being generated for.
string$passwordPassword in clear text
Returns
string

Definition at line 66 of file PasswordService.php.

Elgg\PasswordService::needsRehash (   $hash)

Determine if the password hash needs to be rehashed.

If the answer is true, after validating the password using password_verify, rehash it.

Parameters
string$hashThe hash to test
Returns
boolean True if the password needs to be rehashed.

Definition at line 31 of file PasswordService.php.

Elgg\PasswordService::sendNewPasswordRequest (   $user_guid)

Generate and send a password request email to a given user's registered email address.

Parameters
int$user_guidUser GUID
Returns
bool

Definition at line 77 of file PasswordService.php.

Elgg\PasswordService::verify (   $password,
  $hash 
)

Verify a password against a hash using a timing attack resistant approach.

Parameters
string$passwordThe password to verify
string$hashThe hash to verify against
Returns
boolean If the password matches the hash

Definition at line 43 of file PasswordService.php.


The documentation for this class was generated from the following file: