Add password verification and update enhancements
This commit is contained in:
netkas
parent
5196ac2486
commit
3e3bcfd143
3 changed files with 82 additions and 7 deletions
|
|
@ -30,6 +30,16 @@
|
|||
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, "Invalid 'password' parameter, must be a valid argon2id hash");
|
||||
}
|
||||
|
||||
if(!$rpcRequest->containsParameter('existing_password'))
|
||||
{
|
||||
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, "Missing 'existing_password' parameter");
|
||||
}
|
||||
|
||||
if(!Cryptography::validateSha512($rpcRequest->getParameter('existing_password')))
|
||||
{
|
||||
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, "Invalid 'existing_password' parameter, must be a valid SHA-512 hash");
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
if (!PasswordManager::usesPassword($request->getPeer()->getUuid()))
|
||||
|
|
@ -42,6 +52,18 @@
|
|||
throw new StandardException('Failed to check password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
if (!PasswordManager::verifyPassword($request->getPeer()->getUuid(), $rpcRequest->getParameter('existing_password')))
|
||||
{
|
||||
return $rpcRequest->produceError(StandardError::METHOD_NOT_ALLOWED, "Failed to update password due to incorrect existing password");
|
||||
}
|
||||
}
|
||||
catch (Exception $e)
|
||||
{
|
||||
throw new StandardException('Failed to verify existing password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
// Set the password
|
||||
|
|
|
|||
|
|
@ -0,0 +1,49 @@
|
|||
<?php
|
||||
|
||||
namespace Socialbox\Classes\StandardMethods;
|
||||
|
||||
use Exception;
|
||||
use Socialbox\Abstracts\Method;
|
||||
use Socialbox\Classes\Cryptography;
|
||||
use Socialbox\Classes\Logger;
|
||||
use Socialbox\Enums\StandardError;
|
||||
use Socialbox\Exceptions\CryptographyException;
|
||||
use Socialbox\Exceptions\StandardException;
|
||||
use Socialbox\Interfaces\SerializableInterface;
|
||||
use Socialbox\Managers\PasswordManager;
|
||||
use Socialbox\Objects\ClientRequest;
|
||||
use Socialbox\Objects\RpcRequest;
|
||||
|
||||
class VerificationPasswordAuthentication extends Method
|
||||
{
|
||||
|
||||
/**
|
||||
* @inheritDoc
|
||||
*/
|
||||
public static function execute(ClientRequest $request, RpcRequest $rpcRequest): ?SerializableInterface
|
||||
{
|
||||
if(!$rpcRequest->containsParameter('password'))
|
||||
{
|
||||
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, "Missing 'password' parameter");
|
||||
}
|
||||
|
||||
if(!Cryptography::validateSha512($rpcRequest->getParameter('password')))
|
||||
{
|
||||
return $rpcRequest->produceError(StandardError::RPC_INVALID_ARGUMENTS, "Invalid 'password' parameter, must be a valid SHA-512 hash");
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
return $rpcRequest->produceResponse(PasswordManager::verifyPassword($request->getPeer()->getUuid(), $rpcRequest->getParameter('password')));
|
||||
}
|
||||
catch (CryptographyException $e)
|
||||
{
|
||||
return $rpcRequest->produceResponse(false);
|
||||
}
|
||||
catch (Exception $e)
|
||||
{
|
||||
Logger::getLogger()->error('Failed to verify password due to an internal exception', $e);
|
||||
throw new StandardException('Failed to verify password due to an internal exception', StandardError::INTERNAL_SERVER_ERROR, $e);
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue