function PasswordHashingTest::testPasswordHashing

Test password hashing.

File

drupal/core/modules/system/lib/Drupal/system/Tests/System/PasswordHashingTest.php, line 28
Definition of Drupal\system\Tests\System\PasswordHashingTest.

Class

PasswordHashingTest
Unit tests for password hashing API.

Namespace

Drupal\system\Tests\System

Code

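/**
 * Tests hashing, verification and re-hash detection of the password API.
 *
 * Walks one fake account through the upgrade path exercised below: a legacy
 * md5 hash is flagged, the password is re-hashed, the new hash is verified,
 * and the hash is flagged again once the log2 iteration count is raised.
 */
function testPasswordHashing() {

  // Set a log2 iteration count that is deliberately out of bounds to test
  // that it is corrected to be within bounds.
  $password_hasher = new PhpassHashedPassword(1);

  // Set up a fake $account with a password 'baz', hashed with md5. The md5
  // value is only a legacy fixture here: it stands for a stored hash that
  // the API must recognise as outdated.
  $password = 'baz';
  $account = (object) array(
    'name' => 'foo',
    'pass' => md5($password),
  );

  // The md5 password should be flagged as needing an update.
  $this->assertTrue($password_hasher->userNeedsNewHash($account), 'User with md5 password needs a new hash.');

  // Re-hash the password.
  $old_hash = $account->pass;
  $account->pass = $password_hasher->hash($password);
  $this->assertIdentical($password_hasher->getCountLog2($account->pass), $password_hasher::MIN_HASH_COUNT, 'Re-hashed password has the minimum number of log2 iterations.');
  // Compare hashes strictly: with != PHP compares two numeric-looking strings
  // as numbers, so two different hash strings could be reported as equal.
  $this->assertTrue($account->pass !== $old_hash, 'Password hash changed.');
  $this->assertTrue($password_hasher->check($password, $account), 'Password check succeeds.');

  // The success path alone would also pass if check() accepted every
  // password, so verify that a different password is rejected.
  $this->assertFalse($password_hasher->check($password . '-wrong', $account), 'Password check fails for an incorrect password.');

  // Since the log2 setting hasn't changed and the user has a valid password,
  // $password_hasher->userNeedsNewHash() should return FALSE.
  $this->assertFalse($password_hasher->userNeedsNewHash($account), 'User does not need a new hash.');

  // Increment the log2 iteration to MIN + 1.
  $password_hasher = new PhpassHashedPassword($password_hasher::MIN_HASH_COUNT + 1);
  $this->assertTrue($password_hasher->userNeedsNewHash($account), 'User needs a new hash after incrementing the log2 count.');

  // Re-hash the password.
  $old_hash = $account->pass;
  $account->pass = $password_hasher->hash($password);
  $this->assertIdentical($password_hasher->getCountLog2($account->pass), $password_hasher::MIN_HASH_COUNT + 1, 'Re-hashed password has the correct number of log2 iterations.');
  // Strict comparison again, for the same reason as above.
  $this->assertTrue($account->pass !== $old_hash, 'Password hash changed again.');

  // Now the hash should be OK.
  $this->assertFalse($password_hasher->userNeedsNewHash($account), 'Re-hashed password does not need a new hash.');
  $this->assertTrue($password_hasher->check($password, $account), 'Password check succeeds with re-hashed password.');
}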