PasswordService_8php_source.html

 <?php
 namespace Elgg;

 final class PasswordService {

     public function __construct() {
         if (!function_exists('password_hash')) {
             throw new \RuntimeException("password_hash and associated functions are required.");
         }
     }

     function needsRehash($hash) {
         return password_needs_rehash($hash, PASSWORD_DEFAULT);
     }

     function verify($password, $hash) {
         return password_verify($password, $hash);
     }

     function generateHash($password) {
         return password_hash($password, PASSWORD_DEFAULT);
     }

     function generateLegacyHash(\ElggUser $user, $password) {
         return md5($password . $user->salt);
     }

     function sendNewPasswordRequest($user_guid) {
         $user_guid = (int)$user_guid;

         $user = _elgg_services()->entityTable->get($user_guid);
         if (!$user instanceof \ElggUser) {
             return false;
         }

         // generate code
         $code = generate_random_cleartext_password();
         $user->setPrivateSetting('passwd_conf_code', $code);
         $user->setPrivateSetting('passwd_conf_time', time());

         // generate link
         $link = _elgg_services()->config->getSiteUrl() . "changepassword?u=$user_guid&c=$code";

         // generate email
         $ip_address = _elgg_services()->request->getClientIp();
         $message = _elgg_services()->translator->translate(
             'email:changereq:body', array($user->name, $ip_address, $link), $user->language);
         $subject = _elgg_services()->translator->translate(
             'email:changereq:subject', array(), $user->language);

         return notify_user($user->guid, elgg_get_site_entity()->guid, $subject, $message, array(), 'email');
     }

     function forcePasswordReset($user, $password) {
         if (!$user instanceof \ElggUser) {
             $user = _elgg_services()->entityTable->get($user, 'user');
             if (!$user) {
                 return false;
             }
         }

         $user->setPassword($password);

         $ia = elgg_set_ignore_access(true);
         $result = (bool)$user->save();
         elgg_set_ignore_access($ia);

         return $result;
     }

     function executeNewPasswordReset($user_guid, $conf_code, $password = null) {
         $user_guid = (int)$user_guid;
         $user = get_entity($user_guid);

         if ($password === null) {
             $password = generate_random_cleartext_password();
             $reset = true;
         } else {
             $reset = false;
         }

         if (!$user instanceof \ElggUser) {
             return false;
         }

         $saved_code = $user->getPrivateSetting('passwd_conf_code');
         $code_time = (int) $user->getPrivateSetting('passwd_conf_time');
         $codes_match = _elgg_services()->crypto->areEqual($saved_code, $conf_code);

         if (!$saved_code || !$codes_match) {
             return false;
         }

         // Discard for security if it is 24h old
         if (!$code_time || $code_time < time() - 24 * 60 * 60) {
             return false;
         }

         if (!$this->forcePasswordReset($user, $password)) {
             return false;
         }

         remove_private_setting($user_guid, 'passwd_conf_code');
         remove_private_setting($user_guid, 'passwd_conf_time');
         // clean the logins failures
         reset_login_failure_count($user_guid);

         $ns = $reset ? 'resetpassword' : 'changepassword';

         $message = _elgg_services()->translator->translate(
             "email:$ns:body", array($user->username, $password), $user->language);
         $subject = _elgg_services()->translator->translate("email:$ns:subject", array(), $user->language);

         notify_user($user->guid, elgg_get_site_entity()->guid, $subject, $message, array(), 'email');

         return true;
     }
 }
Elgg\PasswordService\verify
verify($password, $hash)
Verify a password against a hash using a timing attack resistant approach.
Definition: PasswordService.php:43

elgg_get_site_entity
elgg_get_site_entity($site_guid=0)
Get an  entity (default is current site)
Definition: sites.php:18

$subject
$subject
Definition: exceptions.php:25

$result
$result
Definition: set_maintenance_mode.php:11

$message
$message
Definition: set_maintenance_mode.php:7

Elgg\PasswordService\__construct
__construct()
Constructor.
Definition: PasswordService.php:16

Elgg\PasswordService
Definition: PasswordService.php:11

reset_login_failure_count
reset_login_failure_count($user_guid)
Resets the fail login count for $user_guid.
Definition: sessions.php:232

Elgg\PasswordService\executeNewPasswordReset
executeNewPasswordReset($user_guid, $conf_code, $password=null)
Validate and change password for a user.
Definition: PasswordService.php:139

$code
$code
Definition: changepassword.php:12

Elgg
Save menu items.

remove_private_setting
remove_private_setting($entity_guid, $name)
Deletes a private setting for an entity.
Definition: private_settings.php:114

elgg_set_ignore_access
elgg_set_ignore_access($ignore=true)
Set if Elgg&#39;s access system should be ignored.
Definition: access.php:43

$user
$user
Definition: ban.php:13

Elgg\PasswordService\generateLegacyHash
generateLegacyHash(\ElggUser $user, $password)
Hash a password for storage.
Definition: PasswordService.php:66

Elgg\PasswordService\needsRehash
needsRehash($hash)
Determine if the password hash needs to be rehashed.
Definition: PasswordService.php:31

$reset
$reset
Definition: profile_fields.php:9

_elgg_services
_elgg_services(\Elgg\Di\ServiceProvider $services=null)
Get the global service provider.
Definition: autoloader.php:17

$password
$password
Definition: login.php:25

time
elgg subtext time
Definition: typography.css.php:121

notify_user
notify_user($to, $from, $subject, $message, array $params=array(), $methods_override="")
Notify a user via their preferences.
Definition: notification.php:480

generate_random_cleartext_password
generate_random_cleartext_password()
Generate a random 12 character clear text password.
Definition: users.php:189

$user_guid
$user_guid
Avatar remove action.
Definition: remove.php:6

Elgg\PasswordService\generateHash
generateHash($password)
Hash a password for storage using password_hash()
Definition: PasswordService.php:54

Elgg\PasswordService\forcePasswordReset
forcePasswordReset($user, $password)
Set a user&#39;s new password and save the entity.
Definition: PasswordService.php:113

Elgg\PasswordService\sendNewPasswordRequest
sendNewPasswordRequest($user_guid)
Generate and send a password request email to a given user&#39;s registered email address.
Definition: PasswordService.php:77

get_entity
get_entity($guid)
Loads and returns an entity object from a guid.
Definition: entities.php:204

ElggUser
Definition: ElggUser.php:20