From 3841459bcf9583fccc7fa67a16a638c9bf82b1e2 Mon Sep 17 00:00:00 2001 From: Pig Fang Date: Wed, 3 Jun 2020 17:08:22 +0800 Subject: [PATCH] remove `EncryptUserPassword` event --- app/Events/EncryptUserPassword.php | 25 ------------- app/Models/Concerns/HasPassword.php | 36 ++++++++----------- .../ControllersTest/UserControllerTest.php | 13 ++++++- 3 files changed, 26 insertions(+), 48 deletions(-) delete mode 100644 app/Events/EncryptUserPassword.php diff --git a/app/Events/EncryptUserPassword.php b/app/Events/EncryptUserPassword.php deleted file mode 100644 index 6dcb39ab..00000000 --- a/app/Events/EncryptUserPassword.php +++ /dev/null @@ -1,25 +0,0 @@ -raw = $raw; - $this->user = $user; - } -} diff --git a/app/Models/Concerns/HasPassword.php b/app/Models/Concerns/HasPassword.php index f0cb1781..316e9079 100644 --- a/app/Models/Concerns/HasPassword.php +++ b/app/Models/Concerns/HasPassword.php @@ -2,39 +2,31 @@ namespace App\Models\Concerns; -use App\Events\EncryptUserPassword; -use Illuminate\Support\Arr; +use App\Services\Cipher\BaseCipher; +use Blessing\Filter; trait HasPassword { public function verifyPassword(string $raw) { - // Compare directly if any responses is returned by event dispatcher - if ($result = $this->getEncryptedPwdFromEvent($raw, $this)) { - return hash_equals($this->password, $result); // @codeCoverageIgnore - } + /** @var BaseCipher */ + $cipher = resolve('cipher'); + /** @var Filter */ + $filter = resolve(Filter::class); + $password = $this->password; + $user = $this; - return app('cipher')->verify($raw, $this->password, config('secure.salt')); - } + $passed = $cipher->verify($raw, $password, config('secure.salt')); + $passed = $filter->apply('verify_password', $passed, [$raw, $user]); - /** - * Try to get encrypted password from event dispatcher. - */ - public function getEncryptedPwdFromEvent(string $raw) - { - $responses = event(new EncryptUserPassword($raw, $this)); - - return Arr::get($responses, 0); + return $passed; } public function changePassword(string $password): bool { - $responses = event(new EncryptUserPassword($password, $this)); - $hash = Arr::get($responses, 0); - if (empty($hash)) { - $hash = app('cipher')->hash($password, config('secure.salt')); - } - $this->password = $hash; + $password = resolve('cipher')->hash($password, config('secure.salt')); + $password = resolve(Filter::class)->apply('user_password', $password); + $this->password = $password; return $this->save(); } diff --git a/tests/HttpTest/ControllersTest/UserControllerTest.php b/tests/HttpTest/ControllersTest/UserControllerTest.php index dee95a3e..d933ca8e 100644 --- a/tests/HttpTest/ControllersTest/UserControllerTest.php +++ b/tests/HttpTest/ControllersTest/UserControllerTest.php @@ -330,6 +330,7 @@ class UserControllerTest extends TestCase ]); // Change password successfully + $filter = Fakes\Filter::fake(); $this->postJson('/user/profile', [ 'action' => 'password', 'current_password' => '12345678', @@ -349,7 +350,17 @@ class UserControllerTest extends TestCase return true; }); - Event::assertDispatched(Events\EncryptUserPassword::class); + $filter->assertApplied('verify_password', function ($passed, $raw, $u) use ($user) { + $this->assertEquals('12345678', $raw); + $this->assertTrue($user->is($u)); + + return true; + }); + $filter->assertApplied('user_password', function ($password) { + $this->assertTrue(password_verify('87654321', $password)); + + return true; + }); $this->assertTrue(User::find($user->uid)->verifyPassword('87654321')); // After changed password, user should re-login. $this->assertGuest();