Finalized admin security
This commit is contained in:
franck
@@ -3,6 +3,8 @@
|
||||
namespace Thelia\Model;
|
||||
|
||||
use Thelia\Core\Security\User\UserInterface;
|
||||
use Thelia\Core\Security\Role\Role;
|
||||
|
||||
use Thelia\Model\Base\Admin as BaseAdmin;
|
||||
|
||||
/**
|
||||
@@ -18,9 +20,34 @@ use Thelia\Model\Base\Admin as BaseAdmin;
|
||||
*/
|
||||
class Admin extends BaseAdmin implements UserInterface
|
||||
{
|
||||
|
||||
public function setPassword($password)
|
||||
{
|
||||
\Thelia\Log\Tlog::getInstance()->debug($password);
|
||||
|
||||
if ($this->isNew() && ($password === null || trim($password) == "")) {
|
||||
throw new InvalidArgumentException("customer password is mandatory on creation");
|
||||
}
|
||||
|
||||
if($password !== null && trim($password) != "") {
|
||||
$this->setAlgo("PASSWORD_BCRYPT");
|
||||
return parent::setPassword(password_hash($password, PASSWORD_BCRYPT));
|
||||
}
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
public function checkPassword($password)
|
||||
{
|
||||
return password_verify($password, $this->password);
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
public function getUsername() {
|
||||
return $this->getLogin();
|
||||
}
|
||||
|
||||
@@ -3,7 +3,37 @@
|
||||
namespace Thelia\Model;
|
||||
|
||||
use Thelia\Model\Base\AdminLog as BaseAdminLog;
|
||||
use Thelia\Core\HttpFoundation\Request;
|
||||
use Thelia\Log\Tlog;
|
||||
use Thelia\Model\Base\Admin as BaseAdminUser;
|
||||
|
||||
class AdminLog extends BaseAdminLog {
|
||||
|
||||
}
|
||||
/**
|
||||
* A sdimple helper to insert an entry in the admin log
|
||||
*
|
||||
* @param unknown $actionLabel
|
||||
* @param Request $request
|
||||
* @param Admin $adminUser
|
||||
*/
|
||||
public static function append($actionLabel, Request $request, BaseAdminUser $adminUser = null) {
|
||||
|
||||
$log = new AdminLog();
|
||||
|
||||
$log
|
||||
->setAdminLogin($adminUser !== null ? $adminUser->getLogin() : '<no login>')
|
||||
->setAdminFirstname($adminUser !== null ? $adminUser->getFirstname() : '<no first name>')
|
||||
->setAdminLastname($adminUser !== null ? $adminUser->getLastname() : '<no last name>')
|
||||
->setAction($actionLabel)
|
||||
->setRequest($request->__toString())
|
||||
;
|
||||
|
||||
try {
|
||||
$log->save();
|
||||
}
|
||||
catch (\Exception $ex) {
|
||||
Tlog::getInstance()->err("Failed to insert new entry in AdminLog: {ex}", array('ex' => $ex));
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
@@ -113,12 +113,19 @@ class Customer extends BaseCustomer implements UserInterface
|
||||
$this->dispatcher = $dispatcher;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
public function getUsername() {
|
||||
return $this->getEmail();
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritDoc}
|
||||
*/
|
||||
|
||||
public function getUsername() {
|
||||
return $this->getEmail();
|
||||
public function checkPassword($password)
|
||||
{
|
||||
return password_verify($password, $this->password);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
Reference in New Issue
Block a user