From 9d7a46fe942ce46eba523d4302aef5ef7eae7130 Mon Sep 17 00:00:00 2001
From: Timm Albers <timmm.albers@gmail.com>
Date: Mon, 7 Sep 2015 19:18:26 +0200
Subject: [PATCH] [bin/grav newuser] Prompt twice for password since input is
 hidden (Fixes #307)

---
 .../src/Grav/Console/Cli/NewUserCommand.php   | 33 ++++++++++++++++---
 1 file changed, 28 insertions(+), 5 deletions(-)

diff --git a/system/src/Grav/Console/Cli/NewUserCommand.php b/system/src/Grav/Console/Cli/NewUserCommand.php
index 6ede54b51..aa3b50525 100644
--- a/system/src/Grav/Console/Cli/NewUserCommand.php
+++ b/system/src/Grav/Console/Cli/NewUserCommand.php
@@ -8,6 +8,7 @@ use Grav\Common\User\User;
 use Grav\Console\ConsoleTrait;
 use RuntimeException;
 use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\Helper;
 use Symfony\Component\Console\Formatter\OutputFormatterStyle;
 use Symfony\Component\Console\Input\InputInterface;
 use Symfony\Component\Console\Output\OutputInterface;
@@ -66,16 +67,20 @@ class NewUserCommand extends Command
         $username = $helper->ask($this->input, $this->output, $question);
 
         // Get password and validate
-        $question = new Question('Enter a <yellow>password</yellow>: ');
-        $question->setValidator(function ($value) {
+        $password = $this->askForPassword($helper, 'Enter a <yellow>password</yellow>: ', function ($value) {
             if (!preg_match('/(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}/', $value)) {
                 throw new RuntimeException('Password must contain at least one number and one uppercase and lowercase letter, and at least 8 or more characters');
             }
             return $value;
         });
-		$question->setHidden(true);
-		$question->setHiddenFallback(false);
-        $data['password'] = $helper->ask($this->input, $this->output, $question);
+        // Since input is hidden when prompting for passwords, the user is asked to repeat the password
+        $this->askForPassword($helper, 'Repeat the <yellow>password</yellow>: ', function ($value) use ($password) {
+            if (strcmp($password, $value)) {
+                throw new RuntimeException('Passwords did not match.');
+            }
+            return $value;
+        });
+        $data['password'] = $password;
 
         // Get email and validate
         $question = new Question('Enter an <yellow>email</yellow>:   ');
@@ -135,4 +140,22 @@ class NewUserCommand extends Command
         $this->output->writeln('');
         $this->output->writeln('<green>Success!</green> User <cyan>'. $username .'</cyan> created.');
     }
+
+    /**
+     * Get password and validate.
+     *
+     * @param Helper    $helper
+     * @param string    $question
+     * @param callable  $validator
+     *
+     * @return string
+     */
+    protected function askForPassword(Helper $helper, $question, callable $validator)
+    {
+        $question = new Question($question);
+        $question->setValidator($validator);
+        $question->setHidden(true);
+        $question->setHiddenFallback(false);
+        return $helper->ask($this->input, $this->output, $question);
+    }
 }