change password rewrite for 2.0

Model/Behavior/ChangePasswordBehavior.php

@@ -6,7 +6,7 @@
  * Licensed under The MIT License 
  * Redistributions of files must retain the above copyright notice. 
  * 
- * @version    1.2
+ * @version    1.3
  * @license    http://www.opensource.org/licenses/mit-license.php The MIT License 
  */
 
@@ -18,7 +18,7 @@ if (!defined('PWD_MAX_LENGTH')) {
 }
 
 /**
- * A cakephp1.3 behavior to change passwords the easy way
+ * A cakephp2 behavior to change passwords the easy way
  * - complete validation
  * - hashing of password
  * - requires fields (no tempering even without security component)
@@ -30,6 +30,10 @@ if (!defined('PWD_MAX_LENGTH')) {
  * also add the two form fields in the form (pwd, pwd_confirm)
  * the rest is cake automagic :) 
  * 
+ * now also is capable of:
+ * - require current password prior to altering it (current=>true)
+ * - don't allow the same password it was before (allowSame=>false)
+ * 
  * TODO: allowEmpty and nonEmptyToEmpty - maybe with checkbox "set_new_pwd"
  * feel free to help me out
  * 
@@ -56,7 +60,7 @@ class ChangePasswordBehavior extends ModelBehavior {
 		'hashType' => null,
 		'hashSalt' => true,
 		'auth' => 'Auth', # which component,
-		'allowSame' => true, # dont allow the old password on change //TODO: implement
+		'allowSame' => true, # dont allow the old password on change
 		'nonEmptyToEmpty' => false, # allow resetting nonempty pwds to empty once set (prevents problems with default edit actions)
 	);
 	
@@ -89,6 +93,7 @@ class ChangePasswordBehavior extends ModelBehavior {
 			'validateCurrentPwd' => array(
 				'rule' => 'validateCurrentPwd',
 				'message' => 'valErrCurrentPwdIncorrect',
+				'last' => true,
 			)
 		),
 	);
@@ -122,9 +127,15 @@ class ChangePasswordBehavior extends ModelBehavior {
 			trigger_error('No validation class found');
 			return true;
 		}
-		$this->Auth->constructAuthenticate();
-		//debug($this->Auth); die();
-		return $this->Auth->verifyUser($uid, $pwd);
+		
+		# easiest authenticate method via form and (id + pwd)
+		$this->Auth->authenticate = array('Form'=>array('fields'=>array('username' => 'id', 'password'=>$this->settings[$Model->alias]['field'])));
+		
+		App::uses('CakeResponse', 'Network');
+		$request = new CakeRequest(null, false);
+		$request->data['User'] = array('id'=>$uid, 'password'=>$pwd);
+		$response = new CakeResponse();
+		return $this->Auth->identify($request, $response);
 	}
 	
 	/**

Test/Case/Behavior/ChangePasswordBehaviorTest.php

@@ -2,20 +2,8 @@
 
 App::uses('Model', 'Model');
 App::uses('AppModel', 'Model');
-/*
-class User extends AppModel {
-	
-	public $useDbConfig = 'test';
-	public $cacheSources = false;
-	
-	public function invalidFields($x) {
-		$res = parent::invalidFields($x);
-		return $res;
-	}
-	
-	
-}
-*/
+
+App::uses('ComponentCollection', 'Controller');
 
 class ChangePasswordBehaviorTest extends CakeTestCase {
 
@@ -23,17 +11,16 @@ class ChangePasswordBehaviorTest extends CakeTestCase {
 		'core.user',
 	);
 	
-/**
- * setUp method
- */
+	/**
+	 * setUp method
+	 */
 	public function setUp() {
-		//$this->loadFixtures('User');
 		$this->User = ClassRegistry::init('User');
 	}
 
-/**
- * Tear-down method.  Resets environment state.
- */
+	/**
+	 * Tear-down method.  Resets environment state.
+	 */
 	public function tearDown() {
 		$this->User->Behaviors->detach('ChangePassword');
 		unset($this->User);
@@ -241,13 +228,9 @@ class ChangePasswordBehaviorTest extends CakeTestCase {
  */
 class AuthComponent {
 	
-	
-	public function constructAuthenticate() {
-		
-	}
-	
-	public function verifyUser($user, $pwd) {
-		if ($user == '5' && $pwd == 'some') {
+	public function identify($request, $response) {
+		$user = $request->data['User'];
+		if ($user['id'] == '5' && $user['password'] == 'some') {
 			return true;
 		}
 		return false;