From 37f0eb287b09f80a9e563e3c168d4e1a4670ab8e Mon Sep 17 00:00:00 2001
From: sundayenglish
Date: Mon, 23 Jun 2025 10:06:25 +0700
Subject: [PATCH] Mapping database authentication to Sunday English
---
 app/Passport/CustomUserRepository.php | 15 +++++++++++--
 app/Providers/AuthServiceProvider.php | 8 +++----
 app/Providers/MD5UserProvider.php | 32 +++++++++++++++++++++++++--
 3 files changed, 47 insertions(+), 8 deletions(-)
diff --git a/app/Passport/CustomUserRepository.php b/app/Passport/CustomUserRepository.php
index 9a1363a..bdadd02 100644
--- a/app/Passport/CustomUserRepository.php
+++ b/app/Passport/CustomUserRepository.php
@@ -10,6 +10,15 @@ use App\Models\GKUser;
 class CustomUserRepository extends PassportUserRepository
 {
+ /**
+ * Retrieve a user entity by user credentials.
+ *
+ * @param string $username
+ * @param string $password
+ * @param string $grantType
+ * @param ClientEntityInterface $client
+ * @return User|null
+ */
 public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $client)
 {
 $user = GKUser::where('email', $username)->first();
@@ -20,14 +29,16 @@ class CustomUserRepository extends PassportUserRepository
 $hashed = $user->password;
+ // Check if the password is already hashed using bcrypt
 if (!Hash::needsRehash($hashed)) {
 if (!Hash::check($password, $hashed)) {
 return;
 }
- } elseif (md5($password) !== $hashed) {
+ }
+ // If the password is hashed using MD5, verify and upgrade to bcrypt
+ elseif (md5($password) !== $hashed) {
 return;
 } else {
- // ✅ Nếu MD5 khớp → nâng cấp lên bcrypt
 $user->password = Hash::make($password);
 $user->save();
 }
diff --git a/app/Providers/AuthServiceProvider.php b/app/Providers/AuthServiceProvider.php
index cdab7e4..8cbe321 100644
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
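Review bot: In app/Passport/CustomUserRepository.php (second hunk), the MD5 fallback is selected by `Hash::needsRehash($hashed)`, which reports true for any hash that does not match the currently configured algorithm and cost, not only for MD5 values. A bcrypt hash created under a different cost setting would therefore presumably reach the `elseif` branch and be rejected; testing the stored format directly, e.g. `if (password_get_info($hashed)['algoName'] !== 'unknown') {`, avoids that. The legacy comparison `md5($password) !== $hashed` is also not constant-time; `elseif (!hash_equals((string) $hashed, md5($password))) {` is the safer form. The same two patterns appear in MD5UserProvider::validateCredentials later in this patch. Separately, the new `//` comment sits between `}` and `elseif`; keeping `} elseif (...) {` on one line with the comment inside the branch reads more conventionally. The method body starts and ends outside the hunk.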
@@ -18,19 +18,19 @@ class AuthServiceProvider extends ServiceProvider
 public function boot(): void
 {
- // ✅ Đăng ký custom provider hỗ trợ MD5 password
+ // Register custom user provider for MD5 password support
 Auth::provider('md5provider', function ($app, array $config) {
 return new MD5UserProvider($app['hash'], $config['model']);
 });
- // ✅ Ghi đè UserRepository để Passport hỗ trợ MD5
+ // Override Passport's UserRepository to support MD5
 $this->app->bind(PassportUserRepository::class, CustomUserRepository::class);
- // ✅ Thiết lập thời hạn token Passport
+ // Set Passport token expiration times
 Passport::tokensExpireIn(now()->addHour());
 Passport::refreshTokensExpireIn(now()->addMonth());
- // ✅ Đăng ký Password Grant cho OAuth
+ // Register Password Grant for OAuth
 $this->app->afterResolving(AuthorizationServer::class, function ($server) {
 $grant = new \League\OAuth2\Server\Grant\PasswordGrant(
 app(PassportUserRepository::class),
diff --git a/app/Providers/MD5UserProvider.php b/app/Providers/MD5UserProvider.php
index 9990491..9d30690 100644
--- a/app/Providers/MD5UserProvider.php
+++ b/app/Providers/MD5UserProvider.php
@@ -8,17 +8,45 @@ use Illuminate\Support\Facades\Hash;
 class MD5UserProvider extends EloquentUserProvider
 {
+ /**
+ * Validate the user's credentials.
+ *
+ * This method checks the provided plain password against the stored hashed password.
+ * - If the stored password is hashed using Bcrypt (i.e., does not need rehashing), it uses Laravel's Hash::check.
+ * - If the stored password is an MD5 hash, it manually compares the MD5 hash of the plain password.
+ * If matched, it automatically upgrades the password to Bcrypt and saves the user.
+ *
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user The user instance.
+ * @param array $credentials The credentials array containing at least a 'password' key.
+ * @return bool Returns true if the credentials are valid, otherwise false.
+ */
 public function validateCredentials(Authenticatable $user, array $credentials)
 {
 $plain = $credentials['password'];
 $hashed = $user->getAuthPassword();
- // Nếu là Bcrypt → dùng bình thường
+ /**
+ * Checks if the given hashed password needs to be rehashed.
+ * If the hash does not require rehashing (e.g., it is already using Bcrypt),
+ * verifies the plain password against the hashed value using Laravel's Hash facade.
+ *
+ * @param string $plain The plain text password to verify.
+ * @param string $hashed The hashed password stored in the database.
+ * @return bool Returns true if the plain password matches the hashed value, false otherwise.
+ */
 if (!Hash::needsRehash($hashed)) {
 return Hash::check($plain, $hashed);
 }
- // Nếu là MD5 → kiểm tra tay
+ /**
+ * Checks if the given plain password matches the stored MD5 hash.
+ * If matched, automatically upgrades the user's password to a secure hash using Laravel's Hash facade.
+ * Saves the upgraded password to the database.
+ *
+ * @param string $plain The plain text password provided by the user.
+ * @param string $hashed The stored MD5 hashed password.
+ * @return bool Returns true if the password matches and is upgraded, otherwise false.
+ */
 if (md5($plain) === $hashed) {
 // Tự động upgrade
 $user->password = Hash::make($plain);
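Review bot: The two blocks added inside validateCredentials in app/Providers/MD5UserProvider.php use `/** … */` docblock syntax with `@param`/`@return` tags, but they sit above `if` statements rather than declarations, so documentation tools and static analysers will ignore them or attach them to the wrong element. Plain line comments carry the same information, e.g. `// Hash already in the configured format: verify with Hash::check.` and `// Legacy MD5 hash: compare manually, then upgrade via Hash::make.` The method docblock also says the password is upgraded "to Bcrypt", while the code calls `Hash::make`, which uses whichever driver is configured; "to the configured hasher" would be accurate. The context comment `// Tự động upgrade` is left untranslated although the commit translates the others. The body of validateCredentials continues past the end of the hunk.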