Add option to require username to be an email address

ilijastuden · ilijastuden · commit 662c3fdf65ff · 2016-12-22T19:54:47.000+01:00
diff --git a/src/Authorizer/CredentialFieldsCheckTrait.php b/src/Authorizer/CredentialFieldsCheckTrait.php
@@ -21,12 +21,21 @@ trait CredentialFieldsCheckTrait
      */
     private function verifyRequiredFields(array $credentials, array $fields)
     {
-        $is_empty = function ($credentials, $field) {
-            return isset($credentials[$field]) ? $credentials[$field] === '' : true;
-        };
+        foreach ($fields as $field) {
+            if (empty($credentials[$field])) {
+                throw new InvalidAuthenticationRequestException();
+            }
+        }
+    }
 
+    /**
+     * @param array $credentials
+     * @param array $fields
+     */
+    private function verifyEmailFields(array $credentials, array $fields)
+    {
         foreach ($fields as $field) {
-            if ($is_empty($credentials, $field)) {
+            if (empty($credentials[$field]) || !filter_var($credentials[$field], FILTER_VALIDATE_EMAIL)) {
                 throw new InvalidAuthenticationRequestException();
             }
         }
diff --git a/src/Authorizer/LocalAuthorizer.php b/src/Authorizer/LocalAuthorizer.php
@@ -25,12 +25,19 @@ class LocalAuthorizer extends Authorizer
      */
     private $user_repository;
 
+    /**
+     * @var bool
+     */
+    private $username_is_email = false;
+
     /**
      * @param RepositoryInterface $user_repository
+     * @param bool                $username_is_email
      */
-    public function __construct(RepositoryInterface $user_repository)
+    public function __construct(RepositoryInterface $user_repository, $username_is_email = false)
     {
         $this->user_repository = $user_repository;
+        $this->username_is_email = (bool) $username_is_email;
     }
 
     /**
@@ -43,6 +50,10 @@ public function verifyCredentials(array $credentials)
     {
         $this->verifyRequiredFields($credentials, ['username', 'password']);
 
+        if ($this->username_is_email) {
+            $this->verifyEmailFields($credentials, ['username']);
+        }
+
         $user = $this->user_repository->findByUsername($credentials['username']);
 
         $this->verifyUser($user, $credentials['password']);
diff --git a/test/src/LocalAuthorizerTest.php b/test/src/LocalAuthorizerTest.php
@@ -41,6 +41,33 @@ public function providerInvalidCredentials()
         ];
     }
 
+    /**
+     * @param array $username
+     * @dataProvider providerInvalidUsername
+     * @expectedException \ActiveCollab\Authentication\Exception\InvalidAuthenticationRequestException
+     * @expectedExceptionMessage Authentication request data not valid
+     */
+    public function testInvalidUsernameThrowsException($username)
+    {
+        $local_authorizer = new LocalAuthorizer(new Repository(), true);
+
+        $local_authorizer->verifyCredentials([
+            'username' => $username,
+            'password' => 'Easy to remember, Hard to guess',
+        ]);
+    }
+
+    public function providerInvalidUsername()
+    {
+        return [
+            ['username' => null],
+            ['username' => ''],
+            ['username' => 'Invalid Username'],
+            ['username' => 'Not a valid Username'],
+            ['username' => 'not_a_username'],
+        ];
+    }
+
     /**
      * @expectedException \ActiveCollab\Authentication\Exception\UserNotFoundException
      * @expectedExceptionMessage User not found
@@ -81,9 +108,20 @@ public function testUserCanNotAuthenticateThrowsException()
     public function testUserIsAuthenticated()
     {
         $local_authorizer = new LocalAuthorizer(new Repository([
-            'john@doe.com' => new AuthenticatedUser(1, 'john@doe.com', 'John', 'password', true),
+            'john@doe.com' => new AuthenticatedUser(1, 'johndoe', 'John', 'password', true),
         ]));
 
+        $user = $local_authorizer->verifyCredentials(['username' => 'johndoe', 'password' => 'password']);
+
+        $this->assertSame(1, $user->getId());
+    }
+
+    public function testUserWithEmailUsernameIsAuthenticated()
+    {
+        $local_authorizer = new LocalAuthorizer(new Repository([
+            'john@doe.com' => new AuthenticatedUser(1, 'john@doe.com', 'John', 'password', true),
+        ]), true);
+
         $user = $local_authorizer->verifyCredentials(['username' => 'john@doe.com', 'password' => 'password']);
 
         $this->assertSame(1, $user->getId());
