function UserLoginTest::testPasswordRehashOnLogin

Test that user password is re-hashed upon login after changing $count_log2.

File

drupal/core/modules/user/lib/Drupal/user/Tests/UserLoginTest.php, line 105

Definition of Drupal\user\Tests\UserLoginTest.

Class

UserLoginTest

Functional tests for user logins, including rate limiting of login attempts.

Namespace

Code

function testPasswordRehashOnLogin() {

  // Determine default log2 for phpass hashing algoritm
  $default_count_log2 = 16;

  // Retrieve instance of password hashing algorithm
  $password_hasher = drupal_container()
    ->get('password');

  // Create a new user and authenticate.
  $account = $this
    ->drupalCreateUser(array());
  $password = $account->pass_raw;
  $this
    ->drupalLogin($account);
  $this
    ->drupalLogout();

  // Load the stored user. The password hash should reflect $default_count_log2.
  $account = user_load($account->uid);
  $this
    ->assertIdentical($password_hasher
    ->getCountLog2($account->pass), $default_count_log2);

  // Change the required number of iterations by loading a test-module
  // containing the necessary container builder code and then verify that the
  // users password gets rehashed during the login.
  $overridden_count_log2 = 19;
  module_enable(array(
    'user_custom_phpass_params_test',
  ));
  $account->pass_raw = $password;
  $this
    ->drupalLogin($account);

  // Load the stored user, which should have a different password hash now.
  $account = user_load($account->uid, TRUE);
  $this
    ->assertIdentical($password_hasher
    ->getCountLog2($account->pass), $overridden_count_log2);
}