src/applications/auth/provider/PhabricatorPasswordAuthProvider.php
Show First 20 Lines • Show All 247 Lines • ▼ Show 20 Lines | private function renderPasswordLoginForm( | ||||
return $dialog; | return $dialog; | ||||
} | } | ||||
public function processLoginRequest( | public function processLoginRequest( | ||||
PhabricatorAuthLoginController $controller) { | PhabricatorAuthLoginController $controller) { | ||||
$request = $controller->getRequest(); | $request = $controller->getRequest(); | ||||
$viewer = $request->getUser(); | $viewer = $request->getUser(); | ||||
$content_source = PhabricatorContentSource::newFromRequest($request); | |||||
$require_captcha = false; | $require_captcha = false; | ||||
$captcha_valid = false; | $captcha_valid = false; | ||||
if (AphrontFormRecaptchaControl::isRecaptchaEnabled()) { | if (AphrontFormRecaptchaControl::isRecaptchaEnabled()) { | ||||
$failed_attempts = PhabricatorUserLog::loadRecentEventsFromThisIP( | $failed_attempts = PhabricatorUserLog::loadRecentEventsFromThisIP( | ||||
PhabricatorUserLog::ACTION_LOGIN_FAILURE, | PhabricatorUserLog::ACTION_LOGIN_FAILURE, | ||||
60 * 15); | 60 * 15); | ||||
if (count($failed_attempts) > 5) { | if (count($failed_attempts) > 5) { | ||||
Show All 16 Lines | if ($request->isFormPost()) { | ||||
if (!$user) { | if (!$user) { | ||||
$user = PhabricatorUser::loadOneWithEmailAddress( | $user = PhabricatorUser::loadOneWithEmailAddress( | ||||
$username_or_email); | $username_or_email); | ||||
} | } | ||||
if ($user) { | if ($user) { | ||||
$envelope = new PhutilOpaqueEnvelope($request->getStr('password')); | $envelope = new PhutilOpaqueEnvelope($request->getStr('password')); | ||||
if ($user->comparePassword($envelope)) { | |||||
$account = $this->loadOrCreateAccount($user->getPHID()); | |||||
$log_user = $user; | |||||
// If the user's password is stored using a less-than-optimal | $engine = id(new PhabricatorAuthPasswordEngine()) | ||||
// hash, upgrade them to the strongest available hash. | ->setViewer($user) | ||||
->setContentSource($content_source) | |||||
->setPasswordType(PhabricatorAuthPassword::PASSWORD_TYPE_ACCOUNT) | |||||
->setObject($user); | |||||
$hash_envelope = new PhutilOpaqueEnvelope( | if ($engine->isValidPassword($envelope)) { | ||||
$user->getPasswordHash()); | $account = $this->loadOrCreateAccount($user->getPHID()); | ||||
if (PhabricatorPasswordHasher::canUpgradeHash($hash_envelope)) { | $log_user = $user; | ||||
$user->setPassword($envelope); | |||||
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); | |||||
$user->save(); | |||||
unset($unguarded); | |||||
} | |||||
} | } | ||||
} | } | ||||
} | } | ||||
} | } | ||||
} | } | ||||
if (!$account) { | if (!$account) { | ||||
if ($request->isFormPost()) { | if ($request->isFormPost()) { | ||||
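Review bot: The password engine is built with `->setViewer($user)`, so it runs with the identity of the account being logged into before `isValidPassword()` has confirmed the password, and the request's own `$viewer` is not used for this check. If that is deliberate (presumably because a logged-out viewer cannot load the account's password records), say so in a comment above the builder chain, for example `// Acts as $user before authentication; trust nothing from the engine until isValidPassword() returns true.` The explicit weak-hash upgrade and its comment are also removed from this branch, and the page does not show whether the engine now re-hashes on a successful check; if it does, a line such as `// isValidPassword() may upgrade a weak hash, and therefore write.` would keep that behaviour visible. `processLoginRequest()` starts in this section but ends outside the lines shown.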