-
Notifications
You must be signed in to change notification settings - Fork 0
/
NotAUsedPassword.php
61 lines (49 loc) · 1.48 KB
/
NotAUsedPassword.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
<?php
namespace Sicaboy\LaravelSecurity\Rules;
use Illuminate\Contracts\Validation\Rule;
use Hash;
class NotAUsedPassword implements Rule
{
/** @var string */
protected $modelClassName;
/** @var string */
protected $modelAttribute;
/** @var string */
protected $attribute;
protected $user;
public function __construct($user = null, $modelClassName = null)
{
if(!$modelClassName) {
$modelClassName = config('laravel-security.database.password_history_model');
}
$this->user = $user;
$this->modelClassName = $modelClassName;
}
public function passes($attribute, $value): bool
{
if (!$this->user) {
return true;
}
// $this->attribute = $attribute;
$model = $this->modelClassName::select('password');
if(!empty($this->user->id)) {
$model->where('user_id', $this->user->id);
$model->where('user_class', get_class($this->user));
}
$allUsedPasswords = $model->get();
$isOldPassword = false;
foreach ($allUsedPasswords as $item) {
if (Hash::check($value, $item->password)) {
$isOldPassword = true;
}
}
return !$isOldPassword;
}
public function message(): string
{
return __('laravel-security::message.not_a_used_password', [
// 'attribute' => $this->attribute,
// 'model' => $classBasename,
]);
}
}