zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-07-25 11:58:19 +02:00
Code Issues Projects Releases Packages Wiki Activity

Added EPP password change on login

Browse source
This commit is contained in:
Pinga 2023-08-27 18:01:08 +03:00
parent 35e9090009
commit b7065fcaa6
1 changed files with 35 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

35
epp/start.php
View file

@ -98,6 +98,41 @@ $server->handle(function (Connection $conn) use ($table, $db, $c) {
$trans = createTransaction($db, $clid, $clTRID, $xmlString);
if (checkLogin($db, $clID, $pw)) {
if (isset($xml->command->login->newPW)) {
$newPW = (string) $xml->command->login->newPW;
$options = [
'memory_cost' => 1024 * 128,
'time_cost' => 6,
'threads' => 4,
];
$hashedPassword = password_hash($newPW, PASSWORD_ARGON2ID, $options);
try {
$stmt = $db->prepare("UPDATE registrar SET pw = :newPW WHERE clid = :clID");
$stmt->bindParam(':newPW', $hashedPassword);
$stmt->bindParam(':clID', $clID);
$stmt->execute();
} catch (PDOException $e) {
sendEppError($conn, $db, 2400, 'Password could not be changed', $clTRID);
}
$svTRID = generateSvTRID();
$response = [
'command' => 'login',
'resultCode' => 1000,
'lang' => 'en-US',
'clTRID' => $clTRID,
'svTRID' => $svTRID,
'msg' => 'Password changed successfully. Session will be terminated'
];
$epp = new EPP\EppWriter();
$xml = $epp->epp_writer($response);
updateTransaction($db, 'login', null, null, 1000, 'Password changed successfully. Session will be terminated', $svTRID, $xml, $trans);
sendEppResponse($conn, $xml);
$conn->close();
break;
}
$table->set($connId, ['clid' => $clID, 'logged_in' => 1]);
$svTRID = generateSvTRID();
$response = [