[Summary view] [Print] [Text view]

   1  <?php
   2  /**
   3   * Part of the Joomla Framework Authentication Package
   4   *
   5   * @copyright  Copyright (C) 2005 - 2021 Open Source Matters, Inc. All rights reserved.
   6   * @license    GNU General Public License version 2 or later; see LICENSE
   7   */
   8  
   9  namespace Joomla\Authentication;
  10  
  11  use Joomla\Authentication\Password\BCryptHandler;
  12  use Joomla\Authentication\Password\HandlerInterface;
  13  
  14  /**
  15   * Abstract AuthenticationStrategy for username/password based authentication
  16   *
  17   * @since  1.1.0
  18   */
  19  abstract class AbstractUsernamePasswordAuthenticationStrategy implements AuthenticationStrategyInterface
  20  {
  21      /**
  22       * The password handler to validate the password against.
  23       *
  24       * @var    HandlerInterface
  25       * @since  1.2.0
  26       */
  27      protected $passwordHandler;
  28  
  29      /**
  30       * The last authentication status.
  31       *
  32       * @var    integer
  33       * @since  1.1.0
  34       */
  35      protected $status;
  36  
  37      /**
  38       * Constructor.
  39       *
  40       * @param   HandlerInterface  $passwordHandler  The password handler.
  41       *
  42       * @since   1.2.0
  43       */
  44  	public function __construct(?HandlerInterface $passwordHandler = null)
  45      {
  46          $this->passwordHandler = $passwordHandler ?: new BCryptHandler;
  47      }
  48  
  49      /**
  50       * Attempt to authenticate the username and password pair.
  51       *
  52       * @param   string  $username  The username to authenticate.
  53       * @param   string  $password  The password to attempt authentication with.
  54       *
  55       * @return  string|boolean  A string containing a username if authentication is successful, false otherwise.
  56       *
  57       * @since   1.1.0
  58       */
  59  	protected function doAuthenticate($username, $password)
  60      {
  61          $hashedPassword = $this->getHashedPassword($username);
  62  
  63          if ($hashedPassword === false)
  64          {
  65              $this->status = Authentication::NO_SUCH_USER;
  66  
  67              return false;
  68          }
  69  
  70          if (!$this->verifyPassword($username, $password, $hashedPassword))
  71          {
  72              $this->status = Authentication::INVALID_CREDENTIALS;
  73  
  74              return false;
  75          }
  76  
  77          $this->status = Authentication::SUCCESS;
  78  
  79          return $username;
  80      }
  81  
  82      /**
  83       * Retrieve the hashed password for the specified user.
  84       *
  85       * @param   string  $username  Username to lookup.
  86       *
  87       * @return  string|boolean  Hashed password on success or boolean false on failure.
  88       *
  89       * @since   1.1.0
  90       */
  91      abstract protected function getHashedPassword($username);
  92  
  93      /**
  94       * Get the status of the last authentication attempt.
  95       *
  96       * @return  integer  Authentication class constant result.
  97       *
  98       * @since   1.1.0
  99       */
 100  	public function getResult()
 101      {
 102          return $this->status;
 103      }
 104  
 105      /**
 106       * Attempt to verify the username and password pair.
 107       *
 108       * @param   string  $username        The username to authenticate.
 109       * @param   string  $password        The password to attempt authentication with.
 110       * @param   string  $hashedPassword  The hashed password to attempt authentication against.
 111       *
 112       * @return  boolean
 113       *
 114       * @since   1.1.0
 115       */
 116  	protected function verifyPassword($username, $password, $hashedPassword)
 117      {
 118          return $this->passwordHandler->validatePassword($password, $hashedPassword);
 119      }
 120  }