Merge branch 'profile'

api/controllers/AccountsController.php

@@ -38,10 +38,12 @@ class AccountsController extends Controller {
 
         return [
             'id' => $account->id,
+            'uuid' => $account->uuid,
             'username' => $account->username,
             'email' => $account->email,
             'shouldChangePassword' => $account->password_hash_strategy === Account::PASS_HASH_STRATEGY_OLD_ELY,
             'isActive' => $account->status === Account::STATUS_ACTIVE,
+            'passwordChangedAt' => $account->password_changed_at,
         ];
     }
 

api/models/RegistrationForm.php

@@ -73,7 +73,6 @@ class RegistrationForm extends ApiForm {
             $account->username = $this->username;
             $account->password = $this->password;
             $account->status = Account::STATUS_REGISTERED;
-            $account->generateAuthKey();
             if (!$account->save()) {
                 throw new ErrorException('Account not created.');
             }

common/models/Account.php

@@ -19,10 +19,10 @@ use yii\web\IdentityInterface;
  * @property string  $password_hash
  * @property integer $password_hash_strategy
  * @property string  $password_reset_token
- * @property string  $auth_key
  * @property integer $status
  * @property integer $created_at
  * @property integer $updated_at
+ * @property integer $password_changed_at
  *
  * Геттеры-сеттеры:
  * @property string  $password пароль пользователя (только для записи)
@@ -133,7 +133,7 @@ class Account extends ActiveRecord implements IdentityInterface {
      * @inheritdoc
      */
     public function getAuthKey() {
-        return $this->auth_key;
+        throw new NotSupportedException('This method used for cookie auth, except we using JWT tokens');
     }
 
     /**
@@ -177,13 +177,7 @@ class Account extends ActiveRecord implements IdentityInterface {
     public function setPassword($password) {
         $this->password_hash_strategy = self::PASS_HASH_STRATEGY_YII2;
         $this->password_hash = Yii::$app->security->generatePasswordHash($password);
-    }
-
-    /**
-     * Generates "remember me" authentication key
-     */
-    public function generateAuthKey() {
-        $this->auth_key = Yii::$app->security->generateRandomString();
+        $this->password_changed_at = time();
     }
 
     /**

console/migrations/m160311_211107_password_change_time.php

@@ -0,0 +1,21 @@
+<?php
+
+use console\db\Migration;
+
+class m160311_211107_password_change_time extends Migration {
+
+    public function safeUp() {
+        $this->addColumn('{{%accounts}}', 'password_changed_at', $this->integer()->notNull());
+        $this->getDb()->createCommand('
+            UPDATE {{%accounts}}
+               SET password_changed_at = created_at
+        ')->execute();
+        $this->dropColumn('{{%accounts}}', 'auth_key');
+    }
+
+    public function safeDown() {
+        $this->dropColumn('{{%accounts}}', 'password_changed_at');
+        $this->addColumn('{{%accounts}}', 'auth_key', $this->string(32)->notNull() . ' AFTER `status`');
+    }
+
+}

tests/codeception/api/unit/models/ChangePasswordFormTest.php

@@ -60,6 +60,7 @@ class ChangePasswordFormTest extends DbTestCase {
         $this->specify('successfully change password with modern hash strategy', function() use ($model, $account) {
             expect('form should return true', $model->changePassword())->true();
             expect('new password should be successfully stored into account', $account->validatePassword('my-new-password'))->true();
+            expect('password change time updated', $account->password_changed_at)->greaterOrEquals(time());
         });
 
         /** @var Account $account */
@@ -72,6 +73,7 @@ class ChangePasswordFormTest extends DbTestCase {
         $this->specify('successfully change password with legacy hash strategy', function() use ($model, $account) {
             expect('form should return true', $model->changePassword())->true();
             expect('new password should be successfully stored into account', $account->validatePassword('my-new-password'))->true();
+            expect('password change time updated', $account->password_changed_at)->greaterOrEquals(time());
         });
     }
 

tests/codeception/common/fixtures/data/accounts.php

@@ -8,10 +8,10 @@ return [
         'password_hash' => '$2y$13$CXT0Rkle1EMJ/c1l5bylL.EylfmQ39O5JlHJVFpNn618OUS1HwaIi', # password_0
         'password_hash_strategy' => \common\models\Account::PASS_HASH_STRATEGY_YII2,
         'password_reset_token' => null,
-        'auth_key' => 'iwTNae9t34OmnK6l4vT4IeaTk-YWI2Rv',
         'status' => \common\models\Account::STATUS_ACTIVE,
         'created_at' => 1451775316,
         'updated_at' => 1451775316,
+        'password_changed_at' => 1451775316,
     ],
     'user-with-old-password-type' => [
         'id' => 2,
@@ -21,10 +21,10 @@ return [
         'password_hash' => '133c00c463cbd3e491c28cb653ce4718', # 12345678
         'password_hash_strategy' => \common\models\Account::PASS_HASH_STRATEGY_OLD_ELY,
         'password_reset_token' => null,
-        'auth_key' => 'ltTNae9t34OmnK6l4vT4IeaTk-YWI2Rv',
         'status' => \common\models\Account::STATUS_ACTIVE,
         'created_at' => 1385225069,
         'updated_at' => 1385225069,
+        'password_changed_at' => 1385225069,
     ],
     'not-activated-account' => [
         'id' => 3,
@@ -34,10 +34,10 @@ return [
         'password_hash' => '$2y$13$2rYkap5T6jG8z/mMK8a3Ou6aZxJcmAaTha6FEuujvHEmybSHRzW5e', # password_0
         'password_hash_strategy' => \common\models\Account::PASS_HASH_STRATEGY_YII2,
         'password_reset_token' => null,
-        'auth_key' => '3AGc12Q7U8lU9umIyCWk5iCnpdPvZ8Up',
         'status' => \common\models\Account::STATUS_REGISTERED,
         'created_at' => 1453146616,
         'updated_at' => 1453146616,
+        'password_changed_at' => 1453146616,
     ],
     'not-activated-account-with-expired-message' => [
         'id' => 4,