silverstripe-framework/tests/security/MemberAuthenticatorTest.php

<?php
/**
 * @package framework
 * @subpackage tests
 */
class MemberAuthenticatorTest extends SapphireTest {

	protected $usesDatabase = true;

	public function testLegacyPasswordHashMigrationUponLogin() {
		$member = new Member();

		$field=Member::config()->unique_identifier_field;

		$member->$field = 'test1@test.com';
		$member->PasswordEncryption = "sha1";
		$member->Password = "mypassword";
		$member->write();

		$data = array(
			'Email' => $member->$field,
			'Password' => 'mypassword'
		);
		MemberAuthenticator::authenticate($data);

		$member = DataObject::get_by_id('Member', $member->ID);
		$this->assertEquals($member->PasswordEncryption, "sha1_v2.4");
		$result = $member->checkPassword('mypassword');
		$this->assertTrue($result->valid());
	}

	public function testNoLegacyPasswordHashMigrationOnIncompatibleAlgorithm() {
		Config::inst()->update('PasswordEncryptor', 'encryptors',
			array('crc32'=>array('PasswordEncryptor_PHPHash'=>'crc32')));
		$field=Member::config()->unique_identifier_field;

		$member = new Member();
		$member->$field = 'test2@test.com';
		$member->PasswordEncryption = "crc32";
		$member->Password = "mypassword";
		$member->write();

		$data = array(
			'Email' => $member->$field,
			'Password' => 'mypassword'
		);
		MemberAuthenticator::authenticate($data);

		$member = DataObject::get_by_id('Member', $member->ID);
		$this->assertEquals($member->PasswordEncryption, "crc32");
		$result = $member->checkPassword('mypassword');
		$this->assertTrue($result->valid());
	}

	public function testCustomIdentifierField(){

		$origField = Member::config()->unique_identifier_field;
		Member::config()->unique_identifier_field = 'Username';

		$label=singleton('Member')->fieldLabel(Member::config()->unique_identifier_field);

		$this->assertEquals($label, 'Username');

		Member::config()->unique_identifier_field = $origField;
	}
}
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`<?php`
			`/**`
MINOR Update @package values to match renaming sapphire 2012-04-12 08:02:46 +02:00			`* @package framework`
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`* @subpackage tests`
			`*/`
			`class MemberAuthenticatorTest extends SapphireTest {`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
MINOR Added flag to remaining SapphireTest subclasses git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@93977 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-30 02:56:05 +01:00			`protected $usesDatabase = true;`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
Method visibility according to coding conventions 2012-09-19 12:07:39 +02:00			`public function testLegacyPasswordHashMigrationUponLogin() {`
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`$member = new Member();`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
API Marked statics private, use Config API instead (#8317) See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details. 2013-03-21 19:48:54 +01:00			`$field=Member::config()->unique_identifier_field;`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
BUGFIX Fixed SapphireTest->loginWithPermission() and MemberAuthenticatorTest to use existing Members based on their unique_identifier_field (if existing) to accommodate recent Member->onBeforeWrite() changes (see r100705) (from r100723) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@105628 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-05-25 06:24:53 +02:00			`$member->$field = 'test1@test.com';`
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`$member->PasswordEncryption = "sha1";`
			`$member->Password = "mypassword";`
			`$member->write();`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`$data = array(`
BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly (from r97357) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102443 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 07:01:31 +02:00			`'Email' => $member->$field,`
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`'Password' => 'mypassword'`
			`);`
			`MemberAuthenticator::authenticate($data);`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`$member = DataObject::get_by_id('Member', $member->ID);`
			`$this->assertEquals($member->PasswordEncryption, "sha1_v2.4");`
MINOR Fixed unit tests after change Member->checkPassword() to return ValidationResult instead of boolean (see r98268) (merged from r98274) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99701 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-02-23 05:05:34 +01:00			`$result = $member->checkPassword('mypassword');`
			`$this->assertTrue($result->valid());`
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`}`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
Method visibility according to coding conventions 2012-09-19 12:07:39 +02:00			`public function testNoLegacyPasswordHashMigrationOnIncompatibleAlgorithm() {`
FIX Remove instances of lines longer than 120c The entire framework repo (with the exception of system-generated files) has been amended to respect the 120c line-length limit. This is in preparation for the enforcement of this rule with PHP_CodeSniffer. 2012-09-26 23:34:00 +02:00			`Config::inst()->update('PasswordEncryptor', 'encryptors',`
			`array('crc32'=>array('PasswordEncryptor_PHPHash'=>'crc32')));`
API Marked statics private, use Config API instead (#8317) See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details. 2013-03-21 19:48:54 +01:00			`$field=Member::config()->unique_identifier_field;`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`$member = new Member();`
BUGFIX Fixed SapphireTest->loginWithPermission() and MemberAuthenticatorTest to use existing Members based on their unique_identifier_field (if existing) to accommodate recent Member->onBeforeWrite() changes (see r100705) (from r100723) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@105628 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-05-25 06:24:53 +02:00			`$member->$field = 'test2@test.com';`
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`$member->PasswordEncryption = "crc32";`
			`$member->Password = "mypassword";`
			`$member->write();`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`$data = array(`
BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly (from r97357) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102443 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 07:01:31 +02:00			`'Email' => $member->$field,`
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`'Password' => 'mypassword'`
			`);`
			`MemberAuthenticator::authenticate($data);`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`$member = DataObject::get_by_id('Member', $member->ID);`
			`$this->assertEquals($member->PasswordEncryption, "crc32");`
MINOR Fixed unit tests after change Member->checkPassword() to return ValidationResult instead of boolean (see r98268) (merged from r98274) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@99701 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-02-23 05:05:34 +01:00			`$result = $member->checkPassword('mypassword');`
			`$this->assertTrue($result->valid());`
BUGFIX Legacy password hash migration in MemberAuthenticator::authenticate() which fixes the precision problems mentioned in #3004 when a user logs in git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@90950 467b73ca-7a2a-4603-9d3b-597d59a354a9 2009-11-06 03:23:30 +01:00			`}`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
Method visibility according to coding conventions 2012-09-19 12:07:39 +02:00			`public function testCustomIdentifierField(){`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
API Marked statics private, use Config API instead (#8317) See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details. 2013-03-21 19:48:54 +01:00			`$origField = Member::config()->unique_identifier_field;`
			`Member::config()->unique_identifier_field = 'Username';`
MINOR Fixed MemberAuthenticatorTest, was setting global state in r97357 (from r97369) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102444 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 07:01:48 +02:00
API Marked statics private, use Config API instead (#8317) See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details. 2013-03-21 19:48:54 +01:00			`$label=singleton('Member')->fieldLabel(Member::config()->unique_identifier_field);`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly (from r97357) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102443 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 07:01:31 +02:00			`$this->assertEquals($label, 'Username');`
Remove all redundant whitespace 2014-08-15 08:53:05 +02:00
API Marked statics private, use Config API instead (#8317) See "Static configuration properties are now immutable, you must use Config API." in the 3.1 change log for details. 2013-03-21 19:48:54 +01:00			`Member::config()->unique_identifier_field = $origField;`
BUGFIX: old 2.3 passwords now handled correctly and migrated accordingly (from r97357) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@102443 467b73ca-7a2a-4603-9d3b-597d59a354a9 2010-04-12 07:01:31 +02:00			`}`
MINOR Add newline to end of files without one 2012-03-24 04:04:52 +01:00			`}`