File Services/Core/Authentication/Strategies/PasswordHashStrategy.inc.php

Summary
Packages
- AddonValue
  - Summary
  - Interfaces
- AdminAccess
  - Summary
  - Collections
  - Deleters
  - Entities
  - Exceptions
  - Factories
  - Interfaces
  - Managers
  - Readers
  - Writers
- AdminHttpViewControllers
- Agreement
  - Summary
  - Entities
  - Factories
  - Interfaces
  - Repositories
  - ValueObjects
- ApiV2Controllers
- Authentication
  - Summary
  - Collections
  - Entities
  - Factories
  - Interfaces
  - Strategies
- Category
  - Summary
  - Collections
  - Entities
  - Factories
  - Interfaces
  - Providers
  - Repositories
  - Storages
- Customer
  - Summary
  - Address
  - Country
  - CountryZone
  - Interfaces
  - Storages
  - Validation
  - ValueObjects
- CustomerGroup
  - Summary
  - Entities
  - Factories
  - Interfaces
  - Repositories
  - Serializers
  - Services
  - ValueObjects
- Email
  - Summary
  - Collections
  - Entities
  - Exceptions
  - Interfaces
  - Repository
  - ValueObjects
- Extensions
  - Summary
  - Customers
  - Emails
  - Geschaeftskundenversand
  - Helpers
  - Invoices
  - Orders
  - ParcelShopFinder
  - QuickEdit
  - Serializers
  - Templates
- Geschaeftskundenversand
  - Summary
  - Exceptions
- Http
  - Summary
  - Collections
  - Exceptions
  - Factories
  - Interfaces
  - ValueObjects
- HttpViewControllers
- InfoBox
  - Summary
  - Collections
  - Entities
  - Factories
  - Interfaces
  - Repositories
- Invoice
  - Summary
  - Interfaces
  - ValueObjects
- Loaders
  - Summary
  - CrossCuttingLoader
  - GXCoreLoader
  - Interfaces
- Manufacturer
  - Summary
  - Entities
  - Factories
  - Interfaces
  - Repositories
- Modules
  - Summary
  - Collections
  - Controllers
  - Interfaces
- NewsletterSubscription
  - Summary
  - Interfaces
- None
- Order
  - Summary
  - Collections
  - Entities
  - Factories
  - Interfaces
  - Repositories
  - Storages
  - ValueObjects
- OrderStatus
  - Summary
  - Collections
  - Entities
  - Exceptions
  - Factories
  - Interfaces
  - Repositories
- PackingSlip
  - Summary
  - Collections
  - ValueObjects
- PersonalData
  - Summary
  - Storage
- Precheck
- Product
  - Summary
  - Collections
  - Entities
  - Factories
  - Interfaces
  - Providers
  - Repositories
  - Storages
- ProductModule
  - Summary
  - Collections
  - Deleter
  - Entities
  - Factories
  - Interface
  - Interfaces
  - Reader
  - Repositories
  - Writer
- QuantityUnit
  - Summary
  - Entities
  - Factories
  - Repositories
- QuickEdit
  - Summary
  - Interfaces
  - Repositories
- Review
  - Summary
  - Entities
  - Factories
  - Interfaces
  - Repositories
  - Services
  - ValueObjects
- Shared
  - Summary
  - ClassFinder
  - Exceptions
  - FileSystem
  - Interfaces
  - Storage
  - Types
- SharedShoppingCart
  - Summary
  - Interfaces
- ShoppingCart
  - Summary
  - Entities
  - Interfaces
- Slider
  - Summary
  - Collections
  - Entities
  - Factories
  - Interfaces
  - Repositories
  - Storages
- Smarty
  - Summary
  - plugins
- StaticSeoUrl
  - Summary
  - Collections
  - Entities
  - Factories
  - Interfaces
  - Repositories
- StaticSeoUrls
- Statistics
  - Summary
  - Interfaces
- UserConfiguration
  - Summary
  - Interfaces
  - Repository
- VersionInfo
  - Summary
  - Factories
  - Reader
  - ValueObjects
- VPE
  - Summary
  - Entities
  - Factories
  - Repositories
- Withdrawal
  - Summary
  - Entities
  - Factories
  - Interfaces
  - Repositories
  - Services
  - ValueObjects
Classes
Interfaces
Traits
Exceptions
Functions

  1   2   3   4   5   6   7   8   9  10  11  12  13  14  15  16  17  18  19  20  21  22  23  24  25  26  27  28  29  30  31  32  33  34  35  36  37  38  39  40  41  42  43  44  45  46  47  48  49  50  51  52  53  54  55  56  57  58  59  60  61  62  63  64  65  66  67  68  69  70  71  72  73  74  75  76  77  78  79  80  81  82  83  84  85  86  87  88  89  90  91  92  93  94  95  96  97  98  99 100 101 102 103 104 105 106 107 108 109 110

<?php
/* --------------------------------------------------------------
   PasswordHashStrategy.inc.php 2016-08-08
   Gambio GmbH
   http://www.gambio.de
   Copyright (c) 2016 Gambio GmbH
   Released under the GNU General Public License (Version 2)
   [http://www.gnu.org/licenses/gpl-2.0.html]
   --------------------------------------------------------------
*/

/**
 * Class PasswordHashStrategy
 *
 * @category   System
 * @package    Authentication
 * @subpackage Strategies
 */
class PasswordHashStrategy implements AuthStrategyInterface
{
    /**
     * Verifies a given password by its stored hash from the current hashing algorithm.
     *
     * @param StringType             $password                       Password that should be verified.
     * @param NonEmptyStringType     $hash                           Stored Hash of a password.
     * @param AuthStrategyCollection $alternativeAlgorithmCollection Collection of alternative hashing algorithms.
     *
     * @return bool Returns true if $password matches $hash, false otherwise.
     */
    public function verify(StringType $password,
                           NonEmptyStringType $hash,
                           AuthStrategyCollection $alternativeAlgorithmCollection = null)
    {
        if(password_verify($password->asString(), $hash->asString()))
        {
            return true;
        }
        
        if($alternativeAlgorithmCollection !== null)
        {
            /** @var AuthStrategyInterface $algorithm */
            foreach($alternativeAlgorithmCollection->getArray() as $algorithm)
            {
                if($algorithm->verify($password, $hash))
                {
                    return true;
                }
            }
        }
        
        return false;
    }
    
    
    /**
     * Generates a hash by given password string.
     *
     * @param StringType $password String that should be hashed.
     *
     * @throws RuntimeException if password_hash() could not create a hash.
     *
     * @return string Resulting hash.
     */
    public function getHash(StringType $password)
    {
        $hash = password_hash($password->asString(), PASSWORD_DEFAULT);
        
        if($hash === false)
        {
            throw new RuntimeException('password_hash() could not create a hash.');
        }
        
        return $hash;
    }
    
    
    /**
     * Returns a rehashed password hash if it does not match the currently used hashing algorithm.
     *
     * @param StringType                  $password                       Password that should be rehashed by a new
     *                                                                    algorithm.
     * @param NonEmptyStringType          $hash                           Current password hash.
     * @param AuthStrategyCollection|null $alternativeAlgorithmCollection Collection of alternative hashing algorithms.
     *
     * @return string The new password hash.
     */
    public function getRehashedPassword(StringType $password,
                                        NonEmptyStringType $hash,
                                        AuthStrategyCollection $alternativeAlgorithmCollection = null)
    {
        if($this->verify($password, $hash) && password_needs_rehash($hash->asString(), PASSWORD_DEFAULT))
        {
            return $this->getHash($password);
        }
        
        if($alternativeAlgorithmCollection !== null)
        {
            /** @var AuthStrategyInterface $algorithm */
            foreach($alternativeAlgorithmCollection->getArray() as $algorithm)
            {
                if($algorithm->verify($password, $hash))
                {
                    return $this->getHash($password);
                }
            }
        }
        
        return $hash->asString();
    }
}