From 7a97db5bd8b4f3e8d9032f87a5ed3c6393c92e37 Mon Sep 17 00:00:00 2001 From: Jordan Doyle Date: Sun, 9 Oct 2016 15:18:34 +0100 Subject: [PATCH] Add Wordpress hashing methods --- src/Auth/AuthServiceProvider.php | 20 ++++++++++++++++++++ src/Auth/WordpressGuard.php | 205 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/Guards/WordpressGuard.php | 205 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- src/Hashing/HashServiceProvider.php | 41 +++++++++++++++++++++++++++++++++++++++++ src/Hashing/WordpressHasher.php | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/Providers/KoseligServiceProvider.php | 10 +++++++++- src/Providers/RoutingServiceProvider.php | 30 ------------------------------ src/Providers/WordpressServiceProvider.php | 14 -------------- src/Routing/RoutingServiceProvider.php | 30 ++++++++++++++++++++++++++++++ 9 files changed, 360 insertions(+), 250 deletions(-) create mode 100644 src/Auth/AuthServiceProvider.php create mode 100644 src/Auth/WordpressGuard.php delete mode 100644 src/Guards/WordpressGuard.php create mode 100644 src/Hashing/HashServiceProvider.php create mode 100644 src/Hashing/WordpressHasher.php delete mode 100644 src/Providers/RoutingServiceProvider.php create mode 100644 src/Routing/RoutingServiceProvider.php diff --git a/src/Auth/AuthServiceProvider.php b/src/Auth/AuthServiceProvider.php new file mode 100644 index 0000000..36c46a5 --- /dev/null +++ b/src/Auth/AuthServiceProvider.php @@ -0,0 +1,20 @@ + + */ +class AuthServiceProvider extends ServiceProvider +{ + public function boot() + { + Auth::extend('wordpress', function ($app, $name, array $config) { + return new WordpressGuard(Auth::createUserProvider($config['provider'])); + }); + } +} diff --git a/src/Auth/WordpressGuard.php b/src/Auth/WordpressGuard.php new file mode 100644 index 0000000..b5f66ac --- /dev/null +++ b/src/Auth/WordpressGuard.php @@ -0,0 +1,205 @@ + + */ +class WordpressGuard implements StatefulGuard +{ + use GuardHelpers; + + /** + * Get the last user we attempted to login as. + * + * @var User + */ + private $lastAttempted = null; + + /** + * Determine if the current user is authenticated. + * + * @return bool + */ + public function check() + { + return is_user_logged_in(); + } + + /** + * Get the currently authenticated user. + * + * @return \Illuminate\Contracts\Auth\Authenticatable|null + */ + public function user() + { + // If we've already retrieved the user for the current request we can just + // return it back immediately. We do not want to fetch the user data on + // every call to this method because that would be tremendously slow. + if (!is_null($this->user)) { + return $this->user; + } + + return $this->user = ($this->check() ? User::find(get_current_user_id()) : null); + } + + /** + * Validate a user's credentials. + * + * @param array $credentials + * @return bool + */ + public function validate(array $credentials = []) + { + $user = wp_authenticate($credentials['username'], $credentials['password']); + + $this->lastAttempted = User::find($user->ID); + + return !($user instanceof WP_Error); + } + + /** + * Attempt to authenticate a user using the given credentials. + * + * @param array $credentials + * @param bool $remember + * @param bool $login + * @return bool + */ + public function attempt(array $credentials = [], $remember = false, $login = true) + { + $validate = $this->validate($credentials); + + if (!$login) { + return $validate; + } + + $user = $this->lastAttempted; + + // check if we should use a secure cookie + wp_set_auth_cookie($user->ID, $credentials['remember'], Request::secure()); + Action::trigger('wp_login', $user->user_login, $user); + + $this->setUser($user); + + return true; + } + + /** + * Log a user into the application without sessions or cookies. + * + * @param array $credentials + * @return bool + */ + public function once(array $credentials = []) + { + if ($this->validate($credentials)) { + $this->setUser($this->lastAttempted); + return true; + } + + return false; + } + + /** + * Log a user into the application. + * + * @param \Illuminate\Contracts\Auth\Authenticatable $user + * @param bool $remember + * @return void + */ + public function login(Authenticatable $user, $remember = false) + { + wp_set_auth_cookie($user->ID, $remember); + Action::trigger('wp_login', $user->user_login, get_userdata($user->ID)); + wp_set_current_user($user->ID); + + $this->user = $user; + } + + /** + * Log the given user ID into the application. + * + * @param mixed $id + * @param bool $remember + * @return \Illuminate\Contracts\Auth\Authenticatable|bool + */ + public function loginUsingId($id, $remember = false) + { + $user = User::find($id); + + if (!$user) { + return false; + } + + wp_set_auth_cookie($user->ID, $remember); + Action::trigger('wp_login', $user->user_login, get_userdata($user->ID)); + wp_set_current_user($user->ID); + + return $this->user = $user; + } + + /** + * Log the given user ID into the application without sessions or cookies. + * + * @param mixed $id + * @return bool + */ + public function onceUsingId($id) + { + $user = User::find($id); + + if (!$user) { + return false; + } + + wp_set_current_user($id); + + return $this->user = $user; + } + + /** + * Determine if the user was authenticated via "remember me" cookie. + * + * @return bool + */ + public function viaRemember() + { + return Request::hasCookie(Request::secure() ? SECURE_AUTH_COOKIE : AUTH_COOKIE); + } + + /** + * Log the user out of the application. + * + * @return void + */ + public function logout() + { + wp_logout(); + $this->user = null; + } + + /** + * Set the current user. + * + * @param \Illuminate\Contracts\Auth\Authenticatable $user + * @return $this + */ + public function setUser(Authenticatable $user) + { + wp_set_current_user($user->ID); + $this->user = $user; + + return $this; + } +} diff --git a/src/Guards/WordpressGuard.php b/src/Guards/WordpressGuard.php deleted file mode 100644 index 410fde7..0000000 --- a/src/Guards/WordpressGuard.php +++ /dev/null @@ -1,205 +0,0 @@ - - */ -class WordpressGuard implements StatefulGuard -{ - use GuardHelpers; - - /** - * Get the last user we attempted to login as. - * - * @var User - */ - private $lastAttempted = null; - - /** - * Determine if the current user is authenticated. - * - * @return bool - */ - public function check() - { - return is_user_logged_in(); - } - - /** - * Get the currently authenticated user. - * - * @return \Illuminate\Contracts\Auth\Authenticatable|null - */ - public function user() - { - // If we've already retrieved the user for the current request we can just - // return it back immediately. We do not want to fetch the user data on - // every call to this method because that would be tremendously slow. - if (!is_null($this->user)) { - return $this->user; - } - - return $this->user = ($this->check() ? User::find(get_current_user_id()) : null); - } - - /** - * Validate a user's credentials. - * - * @param array $credentials - * @return bool - */ - public function validate(array $credentials = []) - { - $user = wp_authenticate($credentials['username'], $credentials['password']); - - $this->lastAttempted = User::find($user->ID); - - return !($user instanceof WP_Error); - } - - /** - * Attempt to authenticate a user using the given credentials. - * - * @param array $credentials - * @param bool $remember - * @param bool $login - * @return bool - */ - public function attempt(array $credentials = [], $remember = false, $login = true) - { - $validate = $this->validate($credentials); - - if (!$login) { - return $validate; - } - - $user = $this->lastAttempted; - - // check if we should use a secure cookie - wp_set_auth_cookie($user->ID, $credentials['remember'], Request::secure()); - Action::trigger('wp_login', $user->user_login, $user); - - $this->setUser($user); - - return true; - } - - /** - * Log a user into the application without sessions or cookies. - * - * @param array $credentials - * @return bool - */ - public function once(array $credentials = []) - { - if ($this->validate($credentials)) { - $this->setUser($this->lastAttempted); - return true; - } - - return false; - } - - /** - * Log a user into the application. - * - * @param \Illuminate\Contracts\Auth\Authenticatable $user - * @param bool $remember - * @return void - */ - public function login(Authenticatable $user, $remember = false) - { - wp_set_auth_cookie($user->ID, $remember); - Action::trigger('wp_login', $user->user_login, get_userdata($user->ID)); - wp_set_current_user($user->ID); - - $this->user = $user; - } - - /** - * Log the given user ID into the application. - * - * @param mixed $id - * @param bool $remember - * @return \Illuminate\Contracts\Auth\Authenticatable|bool - */ - public function loginUsingId($id, $remember = false) - { - $user = User::find($id); - - if (!$user) { - return false; - } - - wp_set_auth_cookie($user->ID, $remember); - Action::trigger('wp_login', $user->user_login, get_userdata($user->ID)); - wp_set_current_user($user->ID); - - return $this->user = $user; - } - - /** - * Log the given user ID into the application without sessions or cookies. - * - * @param mixed $id - * @return bool - */ - public function onceUsingId($id) - { - $user = User::find($id); - - if (!$user) { - return false; - } - - wp_set_current_user($id); - - return $this->user = $user; - } - - /** - * Determine if the user was authenticated via "remember me" cookie. - * - * @return bool - */ - public function viaRemember() - { - return Request::hasCookie(Request::secure() ? SECURE_AUTH_COOKIE : AUTH_COOKIE); - } - - /** - * Log the user out of the application. - * - * @return void - */ - public function logout() - { - wp_logout(); - $this->user = null; - } - - /** - * Set the current user. - * - * @param \Illuminate\Contracts\Auth\Authenticatable $user - * @return $this - */ - public function setUser(Authenticatable $user) - { - wp_set_current_user($user->ID); - $this->user = $user; - - return $this; - } -} diff --git a/src/Hashing/HashServiceProvider.php b/src/Hashing/HashServiceProvider.php new file mode 100644 index 0000000..3619c1d --- /dev/null +++ b/src/Hashing/HashServiceProvider.php @@ -0,0 +1,41 @@ + + */ +class HashServiceProvider extends ServiceProvider +{ + /** + * Indicates if loading of the provider is deferred. + * + * @var bool + */ + protected $defer = true; + + /** + * Register the service provider. + * + * @return void + */ + public function register() + { + $this->app->singleton('hash', function () { + return new WordpressHasher; + }); + } + + /** + * Get the services provided by the provider. + * + * @return array + */ + public function provides() + { + return ['hash']; + } +} diff --git a/src/Hashing/WordpressHasher.php b/src/Hashing/WordpressHasher.php new file mode 100644 index 0000000..4a35120 --- /dev/null +++ b/src/Hashing/WordpressHasher.php @@ -0,0 +1,55 @@ + + */ +class WordpressHasher implements HasherContract +{ + /** + * Hash the given value. + * + * @param string $value + * @param array $options + * @return string + * + * @throws \RuntimeException + */ + public function make($value, array $options = []) + { + dd(wp_hash_password($value)); + + return wp_hash_password($value); + } + + /** + * Check the given plain value against a hash. + * + * @param string $value + * @param string $hashedValue + * @param array $options + * @return bool + */ + public function check($value, $hashedValue, array $options = []) + { + return wp_check_password($value, $hashedValue, isset($options['user_id']) ? $options['user_id'] : ''); + } + + /** + * Check if the given hash has been hashed using the given options. + * + * @param string $hashedValue + * @param array $options + * @return bool + */ + public function needsRehash($hashedValue, array $options = []) + { + return false; + } +} + diff --git a/src/Providers/KoseligServiceProvider.php b/src/Providers/KoseligServiceProvider.php index 0380878..6136645 100644 --- a/src/Providers/KoseligServiceProvider.php +++ b/src/Providers/KoseligServiceProvider.php @@ -2,6 +2,8 @@ namespace Koselig\Providers; use Illuminate\Support\ServiceProvider; +use Koselig\Auth\AuthServiceProvider; +use Koselig\Routing\RoutingServiceProvider; /** * Registers all the other service providers used by this package. @@ -17,8 +19,14 @@ class KoseligServiceProvider extends ServiceProvider */ public function register() { + // Generic service providers $this->app->register(WordpressServiceProvider::class); - $this->app->register(RoutingServiceProvider::class); $this->app->register(ConfigServiceProvider::class); + + // Routing service provider + $this->app->register(RoutingServiceProvider::class); + + // Authentication service provider + $this->app->register(AuthServiceProvider::class); } } diff --git a/src/Providers/RoutingServiceProvider.php b/src/Providers/RoutingServiceProvider.php deleted file mode 100644 index 389957c..0000000 --- a/src/Providers/RoutingServiceProvider.php +++ /dev/null @@ -1,30 +0,0 @@ - - */ -class RoutingServiceProvider extends ServiceProvider -{ - /** - * Bootstrap any application services. - * - * @return void - */ - public function register() - { - $routing = new Routing; - - // Router methods - Router::macro('template', [$routing, 'template']); - Router::macro('page', [$routing, 'page']); - Router::macro('archive', [$routing, 'archive']); - Router::macro('singular', [$routing, 'singular']); - } -} diff --git a/src/Providers/WordpressServiceProvider.php b/src/Providers/WordpressServiceProvider.php index 8b80600..6d726eb 100644 --- a/src/Providers/WordpressServiceProvider.php +++ b/src/Providers/WordpressServiceProvider.php @@ -2,10 +2,8 @@ namespace Koselig\Providers; use Illuminate\Contracts\Routing\UrlGenerator; -use Illuminate\Support\Facades\Auth; use Illuminate\Support\Facades\DB; use Illuminate\Support\ServiceProvider; -use Koselig\Guards\WordpressGuard; use Koselig\Support\Action; use Koselig\Support\Wordpress; @@ -42,18 +40,6 @@ class WordpressServiceProvider extends ServiceProvider } /** - * Register the Wordpress authentication services. - * - * @return void - */ - public function boot() - { - Auth::extend('wordpress', function ($app, $name, array $config) { - return new WordpressGuard(Auth::createUserProvider($config['provider'])); - }); - } - - /** * Set up the configuration values that wp-config.php * does. Use all the values out of .env instead. * diff --git a/src/Routing/RoutingServiceProvider.php b/src/Routing/RoutingServiceProvider.php new file mode 100644 index 0000000..ecb703b --- /dev/null +++ b/src/Routing/RoutingServiceProvider.php @@ -0,0 +1,30 @@ + + */ +class RoutingServiceProvider extends ServiceProvider +{ + /** + * Bootstrap any application services. + * + * @return void + */ + public function register() + { + $routing = new Routing; + + // Router methods + Router::macro('template', [$routing, 'template']); + Router::macro('page', [$routing, 'page']); + Router::macro('archive', [$routing, 'archive']); + Router::macro('singular', [$routing, 'singular']); + } +} -- libgit2 1.7.2