diff options
author | Andrew Dolgov <[email protected]> | 2022-06-10 22:16:48 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2022-06-10 22:16:48 +0300 |
commit | d4be8218253ae887c284ef30a9a3a0ef10799b9a (patch) | |
tree | bdd04fd80b726ee29e91441567436dd652841dfb /classes | |
parent | 8632c39eb2d5017d2137ccc599c900f57123893a (diff) |
UserHelper, CLI: add a method to check user password
Diffstat (limited to 'classes')
-rw-r--r-- | classes/userhelper.php | 46 |
1 files changed, 34 insertions, 12 deletions
diff --git a/classes/userhelper.php b/classes/userhelper.php index caa32a36e..7008bf62c 100644 --- a/classes/userhelper.php +++ b/classes/userhelper.php @@ -362,18 +362,14 @@ class UserHelper { return null; } - static function is_default_password(): bool { - - /** @var Auth_Internal|false $authenticator -- this is only here to make check_password() visible to static analyzer */ - $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); - - if ($authenticator && - method_exists($authenticator, "check_password") && - $authenticator->check_password($_SESSION["uid"], "password")) { - - return true; - } - return false; + /** + * @param null|int $owner_uid if null, checks current user via session-specific auth module, if set works on internal database only + * @return bool + * @throws PDOException + * @throws Exception + */ + static function is_default_password(?int $owner_uid = null): bool { + return self::user_has_password($owner_uid, 'password'); } /** @@ -492,4 +488,30 @@ class UserHelper { return false; } + + /** + * @param null|int $owner_uid if null, checks current user via session-specific auth module, if set works on internal database only + * @param string $password password to compare hash against + * @return bool + */ + static function user_has_password(?int $owner_uid = null, string $password) : bool { + if ($owner_uid) { + $authenticator = new Auth_Internal(); + + return $authenticator->check_password($owner_uid, $password); + } else { + /** @var Auth_Internal|false $authenticator -- this is only here to make check_password() visible to static analyzer */ + $authenticator = PluginHost::getInstance()->get_plugin($_SESSION["auth_module"]); + + if ($authenticator && + method_exists($authenticator, "check_password") && + $authenticator->check_password($_SESSION["uid"], $password)) { + + return true; + } + } + + return false; + } + } |