Mapping database authentication to Sunday English

master
sundayenglish 4 weeks ago
parent 09b547e18f
commit 37f0eb287b
  1. 15
      app/Passport/CustomUserRepository.php
  2. 8
      app/Providers/AuthServiceProvider.php
  3. 32
      app/Providers/MD5UserProvider.php

@ -10,6 +10,15 @@ use App\Models\GKUser;
class CustomUserRepository extends PassportUserRepository class CustomUserRepository extends PassportUserRepository
{ {
/**
* Retrieve a user entity by user credentials.
*
* @param string $username
* @param string $password
* @param string $grantType
* @param ClientEntityInterface $client
* @return User|null
*/
public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $client) public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $client)
{ {
$user = GKUser::where('email', $username)->first(); $user = GKUser::where('email', $username)->first();
@ -20,14 +29,16 @@ class CustomUserRepository extends PassportUserRepository
$hashed = $user->password; $hashed = $user->password;
// Check if the password is already hashed using bcrypt
if (!Hash::needsRehash($hashed)) { if (!Hash::needsRehash($hashed)) {
if (!Hash::check($password, $hashed)) { if (!Hash::check($password, $hashed)) {
return; return;
} }
} elseif (md5($password) !== $hashed) { }
// If the password is hashed using MD5, verify and upgrade to bcrypt
elseif (md5($password) !== $hashed) {
return; return;
} else { } else {
// ✅ Nếu MD5 khớp → nâng cấp lên bcrypt
$user->password = Hash::make($password); $user->password = Hash::make($password);
$user->save(); $user->save();
} }
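Review bot: `Hash::needsRehash($hashed)` is used here as the test for "already bcrypt", but it also returns true for a valid bcrypt hash whose cost or algorithm differs from the current hashing configuration, so after a configuration change those accounts would fall into the MD5 branch and be rejected. Branch on the stored format instead: treat only `preg_match('/\A[a-f0-9]{32}\z/i', $hashed) === 1` as legacy MD5 and send everything else to `Hash::check`. The MD5 comparison should also be constant-time, `elseif (!hash_equals((string) $hashed, md5($password))) {`. Both points apply equally to `validateCredentials()` in app/Providers/MD5UserProvider.php, and the method body here continues past the end of the hunk.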

@ -18,19 +18,19 @@ class AuthServiceProvider extends ServiceProvider
public function boot(): void public function boot(): void
{ {
// ✅ Đăng ký custom provider hỗ trợ MD5 password // Register custom user provider for MD5 password support
Auth::provider('md5provider', function ($app, array $config) { Auth::provider('md5provider', function ($app, array $config) {
return new MD5UserProvider($app['hash'], $config['model']); return new MD5UserProvider($app['hash'], $config['model']);
}); });
// ✅ Ghi đè UserRepository để Passport hỗ trợ MD5 // Override Passport's UserRepository to support MD5
$this->app->bind(PassportUserRepository::class, CustomUserRepository::class); $this->app->bind(PassportUserRepository::class, CustomUserRepository::class);
// ✅ Thiết lập thời hạn token Passport // Set Passport token expiration times
Passport::tokensExpireIn(now()->addHour()); Passport::tokensExpireIn(now()->addHour());
Passport::refreshTokensExpireIn(now()->addMonth()); Passport::refreshTokensExpireIn(now()->addMonth());
// ✅ Đăng ký Password Grant cho OAuth // Register Password Grant for OAuth
$this->app->afterResolving(AuthorizationServer::class, function ($server) { $this->app->afterResolving(AuthorizationServer::class, function ($server) {
$grant = new \League\OAuth2\Server\Grant\PasswordGrant( $grant = new \League\OAuth2\Server\Grant\PasswordGrant(
app(PassportUserRepository::class), app(PassportUserRepository::class),

@ -8,17 +8,45 @@ use Illuminate\Support\Facades\Hash;
class MD5UserProvider extends EloquentUserProvider class MD5UserProvider extends EloquentUserProvider
{ {
/**
* Validate the user's credentials.
*
* This method checks the provided plain password against the stored hashed password.
* - If the stored password is hashed using Bcrypt (i.e., does not need rehashing), it uses Laravel's Hash::check.
* - If the stored password is an MD5 hash, it manually compares the MD5 hash of the plain password.
* If matched, it automatically upgrades the password to Bcrypt and saves the user.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user The user instance.
* @param array $credentials The credentials array containing at least a 'password' key.
* @return bool Returns true if the credentials are valid, otherwise false.
*/
public function validateCredentials(Authenticatable $user, array $credentials) public function validateCredentials(Authenticatable $user, array $credentials)
{ {
$plain = $credentials['password']; $plain = $credentials['password'];
$hashed = $user->getAuthPassword(); $hashed = $user->getAuthPassword();
// Nếu là Bcrypt → dùng bình thường /**
* Checks if the given hashed password needs to be rehashed.
* If the hash does not require rehashing (e.g., it is already using Bcrypt),
* verifies the plain password against the hashed value using Laravel's Hash facade.
*
* @param string $plain The plain text password to verify.
* @param string $hashed The hashed password stored in the database.
* @return bool Returns true if the plain password matches the hashed value, false otherwise.
*/
if (!Hash::needsRehash($hashed)) { if (!Hash::needsRehash($hashed)) {
return Hash::check($plain, $hashed); return Hash::check($plain, $hashed);
} }
// Nếu là MD5 → kiểm tra tay /**
* Checks if the given plain password matches the stored MD5 hash.
* If matched, automatically upgrades the user's password to a secure hash using Laravel's Hash facade.
* Saves the upgraded password to the database.
*
* @param string $plain The plain text password provided by the user.
* @param string $hashed The stored MD5 hashed password.
* @return bool Returns true if the password matches and is upgraded, otherwise false.
*/
if (md5($plain) === $hashed) { if (md5($plain) === $hashed) {
// Tự động upgrade // Tự động upgrade
$user->password = Hash::make($plain); $user->password = Hash::make($plain);
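Review bot: The two `/** … */` blocks added inside `validateCredentials()`, one before the `Hash::needsRehash` check and one before the `md5($plain)` check, are PHPDoc blocks attached to `if` statements. Their `@param`/`@return` tags have nothing to bind to and largely repeat the method docblock added above the signature. One-line comments would carry the same information, for example `// Bcrypt (no rehash needed): verify with Hash::check` and `// Legacy MD5: on match, upgrade the stored hash to bcrypt`. The method continues past the end of the hunk.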
