How to customize validatePassword() function from \vendor\yiisoft\yii2\base\Security.php?

A

Alexander Sinitsyn2016-08-03 19:58:33

Yii

Alexander Sinitsyn, 2016-08-03 19:58:33

What needs to be done is to be able to use ucoz passwords.
You just need to make a couple of changes and everything will work properly, but how to do it. I understand that in vendor this is fraught with the loss of changes when updating.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Alexander Sinitsyn, 2016-08-03
@a_u_sinitsin

I didn’t find how to do it through DI ... offhand I did it like this, oddly enough, but it worked. Can you correct me if it's wrong?
Added to common/config/main.php

'components' => [
        // ...
        'security' => [
            'class' => 'common\components\CommSecurity',
        ],
    ],

I copied Security.php to common\components\ and deleted all the contents of the component except for one function and renamed it to CommSecurity.php

<?php
namespace common\components;

use yii\base\Security;
use Yii;

class CommSecurity extends Security
{

    public function validatePassword($password, $hash)
    {

        if (!is_string($password) || $password === '') {
            throw new InvalidParamException('Password must be a string and cannot be empty.');
        }

        if (function_exists('password_verify')) {
            return password_verify($password, $hash);
        }

        $test = crypt($password, $hash);
        $n = strlen($test);
        if (($n !== 60) && ($n !== 30)) {
            return false;
        }

        return $this->compareString($test, $hash);
    }

}

A

Alexander Makarov, 2016-08-04
@SamDark

Make a separate class. Do not touch Security. The one who will be engaged in the project after you will thank you.