Home Explore Help
Sign In
kevin
/
Ethica-vitrine
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 3e2a1f9930
Branches Tags
Ethica-vitrine
/
user
/
plugins
/
login
/
cli
/
ChangePasswordCommand.php

ChangePasswordCommand.php 6.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * @package    Grav\Plugin\Login
    4. 

  4.  *
    5. 

  5.  * @copyright  Copyright (C) 2014 - 2017 RocketTheme, LLC. All rights reserved.
    6. 

  6.  * @license    MIT License; see LICENSE file for details.
    7. 

  7.  */
    8. 

  8. namespace Grav\Plugin\Console;
    9. 

  9. 

  10. use Grav\Common\Config\Config;
    11. 

  11. use Grav\Console\ConsoleCommand;
    12. 

  12. use Grav\Common\Grav;
    13. 

  13. use Grav\Common\File\CompiledYamlFile;
    14. 

  14. use Grav\Common\User\User;
    15. 

  15. use RocketTheme\Toolbox\ResourceLocator\UniformResourceLocator;
    16. 

  16. use Symfony\Component\Console\Input\InputOption;
    17. 

  17. use Symfony\Component\Console\Helper\Helper;
    18. 

  18. use Symfony\Component\Console\Question\Question;
    19. 

  19. 

  20. /**
    21. 

  21.  * Class CleanCommand
    22. 

  22.  *
    23. 

  23.  * @package Grav\Console\Cli
    24. 

  24.  */
    25. 

  25. class ChangePasswordCommand extends ConsoleCommand
    26. 

  26. {
    27. 

  27.     /**
    28. 

  28.      * @var array
    29. 

  29.      */
    30. 

  30.     protected $options = [];
    31. 

  31. 

  32.     /**
    33. 

  33.      * Configure the command
    34. 

  34.      */
    35. 

  35.     protected function configure()
    36. 

  36.     {
    37. 

  37.         $this
    38. 

  38.             ->setName('change-password')
    39. 

  39.             ->setAliases(['edit-password', 'newpass', 'changepass', 'passwd'])
    40. 

  40.             ->addOption(
    41. 

  41.                 'user',
    42. 

  42.                 'u',
    43. 

  43.                 InputOption::VALUE_REQUIRED,
    44. 

  44.                 'The username'
    45. 

  45.             )
    46. 

  46.             ->addOption(
    47. 

  47.                 'password',
    48. 

  48.                 'p',
    49. 

  49.                 InputOption::VALUE_REQUIRED,
    50. 

  50.                 "The password. Note that this option is not recommended because the password will be visible by users listing the processes. You should also make sure the password respects Grav's password policy."
    51. 

  51.             )
    52. 

  52.             ->setDescription('Changes a User Password')
    53. 

  53.             ->setHelp('The <info>change-password</info> changes the password of the specified user. (User must exist)')
    54. 

  54.         ;
    55. 

  55.     }
    56. 

  56. 

  57.     /**
    58. 

  58.      * @return int|null|void
    59. 

  59.      */
    60. 

  60.     protected function serve()
    61. 

  61.     {
    62. 

  62.         $this->options = [
    63. 

  63.             'user'        => $this->input->getOption('user'),
    64. 

  64.             'password1'   => $this->input->getOption('password')
    65. 

  65.         ];
    66. 

  66. 

  67.         $this->validateOptions();
    68. 

  68. 

  69.         $helper = $this->getHelper('question');
    70. 

  70.         $data   = [];
    71. 

  71. 

  72.         $this->output->writeln('<green>Changing User Password</green>');
    73. 

  73.         $this->output->writeln('');
    74. 

  74. 

  75.         if (!$this->options['user']) {
    76. 

  76.             // Get username and validate
    77. 

  77.             $question = new Question('Enter a <yellow>username</yellow>: ');
    78. 

  78.             $question->setValidator(function ($value) {
    79. 

  79.                 return $this->validate('user', $value);
    80. 

  80.             });
    81. 

  81. 

  82.             $username = $helper->ask($this->input, $this->output, $question);
    83. 

  83.         } else {
    84. 

  84.             $username = $this->options['user'];
    85. 

  85.         }
    86. 

  86. 

  87. 

  88.         if (!$this->options['password1']) {
    89. 

  89.             // Get password and validate
    90. 

  90.             $password = $this->askForPassword($helper, 'Enter a <yellow>new password</yellow>: ', function ($password1) use ($helper) {
    91. 

  91.                 $this->validate('password1', $password1);
    92. 

  92. 

  93.                 // Since input is hidden when prompting for passwords, the user is asked to repeat the password
    94. 

  94.                 return $this->askForPassword($helper, 'Repeat the <yellow>password</yellow>: ', function ($password2) use ($password1) {
    95. 

  95.                     return $this->validate('password2', $password2, $password1);
    96. 

  96.                 });
    97. 

  97.             });
    98. 

  98. 

  99.             $data['password'] = $password;
    100. 

  100.         } else {
    101. 

  101.             $data['password'] = $this->options['password1'];
    102. 

  102.         }
    103. 

  103. 

  104.         // Lowercase the username for the filename
    105. 

  105.         $username = strtolower($username);
    106. 

  106. 

  107.         /** @var UniformResourceLocator $locator */
    108. 

  108.         $locator = Grav::instance()['locator'];
    109. 

  109.         
    110. 

  110.         // Grab the account file and read in the information before setting the file (prevent setting erase)
    111. 

  111.         $oldUserFile = CompiledYamlFile::instance($locator->findResource('account://' . $username . YAML_EXT, true, true));
    112. 

  112.         $oldData = (array)$oldUserFile->content();
    113. 

  113.         
    114. 

  114.         //Set the password feild to new password
    115. 

  115.         $oldData['password'] = $data['password'];
    116. 

  116.         
    117. 

  117.         // Create user object and save it using oldData (with updated password)
    118. 

  118.         $user = new User($oldData);
    119. 

  119.         $file = CompiledYamlFile::instance($locator->findResource('account://' . $username . YAML_EXT, true, true));
    120. 

  120.         $user->file($file);
    121. 

  121.         $user->save();
    122. 

  122. 

  123.         $this->output->writeln('');
    124. 

  124.         $this->output->writeln('<green>Success!</green> User <cyan>' . $username . '\'s</cyan> password changed.');
    125. 

  125.     }
    126. 

  126. 

  127.     /**
    128. 

  128.      *
    129. 

  129.      */
    130. 

  130.     protected function validateOptions()
    131. 

  131.     {
    132. 

  132.         foreach (array_filter($this->options) as $type => $value) {
    133. 

  133.             $this->validate($type, $value);
    134. 

  134.         }
    135. 

  135.     }
    136. 

  136. 

  137.     /**
    138. 

  138.      * @param        $type
    139. 

  139.      * @param        $value
    140. 

  140.      * @param string $extra
    141. 

  141.      *
    142. 

  142.      * @return mixed
    143. 

  143.      */
    144. 

  144.     protected function validate($type, $value, $extra = '')
    145. 

  145.     {
    146. 

  146.         /** @var Config $config */
    147. 

  147.         $config = Grav::instance()['config'];
    148. 

  148. 

  149.         /** @var UniformResourceLocator $locator */
    150. 

  150.         $locator = Grav::instance()['locator'];
    151. 

  151. 

  152.         $username_regex = '/' . $config->get('system.username_regex') . '/';
    153. 

  153.         $pwd_regex      = '/' . $config->get('system.pwd_regex') . '/';
    154. 

  154. 

  155.         switch ($type) {
    156. 

  156.             case 'user':
    157. 

  157.                 if (!preg_match($username_regex, $value)) {
    158. 

  158.                     throw new \RuntimeException('Username should be between 3 and 16 characters, including lowercase letters, numbers, underscores, and hyphens. Uppercase letters, spaces, and special characters are not allowed');
    159. 

  159.                 }
    160. 

  160.                 if (!$locator->findResource('account://' . $value . YAML_EXT)) {
    161. 

  161.                     throw new \RuntimeException('Username "' . $value . '" does not exist, please pick another username');
    162. 

  162.                 }
    163. 

  163. 

  164.                 break;
    165. 

  165. 

  166.             case 'password1':
    167. 

  167.                 if (!preg_match($pwd_regex, $value)) {
    168. 

  168.                     throw new \RuntimeException('Password must contain at least one number and one uppercase and lowercase letter, and at least 8 or more characters');
    169. 

  169.                 }
    170. 

  170. 

  171.                 break;
    172. 

  172. 

  173.             case 'password2':
    174. 

  174.                 if (strcmp($value, $extra)) {
    175. 

  175.                     throw new \RuntimeException('Passwords did not match.');
    176. 

  176.                 }
    177. 

  177. 

  178.                 break;
    179. 

  179.         }
    180. 

  180. 

  181.         return $value;
    182. 

  182.     }
    183. 

  183. 

  184.     /**
    185. 

  185.      * Get password and validate.
    186. 

  186.      *
    187. 

  187.      * @param Helper   $helper
    188. 

  188.      * @param string   $question
    189. 

  189.      * @param callable $validator
    190. 

  190.      *
    191. 

  191.      * @return string
    192. 

  192.      */
    193. 

  193.     protected function askForPassword(Helper $helper, $question, callable $validator)
    194. 

  194.     {
    195. 

  195.         $question = new Question($question);
    196. 

  196.         $question->setValidator($validator);
    197. 

  197.         $question->setHidden(true);
    198. 

  198.         $question->setHiddenFallback(true);
    199. 

  199. 

  200.         return $helper->ask($this->input, $this->output, $question);
    201. 

  201.     }
    202. 

  202. }
    203.