Merge branch 'hotfix/13' into release-1.0.0

Forward port #13

Conflicts:
	CHANGELOG.md

Author: weierophinney

CHANGELOG.md

@@ -26,6 +26,31 @@ All notable changes to this project will be documented in this file, in reverse
 
 - Nothing.
 
+## 0.2.1 - TBD
+
+### Added
+
+- Nothing.
+
+### Changed
+
+- Nothing
+
+### Deprecated
+
+- Nothing.
+
+### Removed
+
+- Nothing.
+
+### Fixed
+
+- [#13](https://github.com/zendframework/zend-expressive-authentication/pull/13)
+  fixes an issue whereby fetching a record by an unknown username resulted in a
+  "Trying to get property of non-object" error when using the `PdoDatabase` user
+  repository implementation.
+
 ## 0.2.0 - 2017-11-27
 
 ### Added

src/UserRepository/PdoDatabase.php

@@ -52,13 +52,13 @@ public function authenticate(string $credential, string $password = null) : ?Use
 
         $stmt = $this->pdo->prepare($sql);
         $stmt->bindParam(':username', $credential);
+        $stmt->execute();
 
-        if (! $stmt->execute()) {
+        $result = $stmt->fetchObject();
+        if (! $result) {
             return null;
         }
 
-        $result = $stmt->fetchObject();
-
         return password_verify($password, $result->{$this->config['field']['password']})
             ? $this->generateUser($credential, $this->getRolesFromUser($credential))
             : null;

test/UserRepository/PdoDatabaseTest.php

@@ -30,7 +30,7 @@ public function testAuthenticate()
             'table' => 'user',
             'field' => [
                 'username' => 'username',
-                'password' => 'password'
+                'password' => 'password',
             ]
         ]);
 
@@ -39,29 +39,44 @@ public function testAuthenticate()
         $this->assertEquals('test', $user->getUsername());
     }
 
-    public function testAuthenticateInvalidUser()
+    public function testAuthenticateInvalidUserPassword()
     {
         $pdo = new PDO('sqlite:'. __DIR__ . '/../TestAssets/pdo.sqlite');
         $pdoDatabase = new PdoDatabase($pdo, [
             'table' => 'user',
             'field' => [
                 'username' => 'username',
-                'password' => 'password'
+                'password' => 'password',
             ]
         ]);
 
         $user = $pdoDatabase->authenticate('test', 'foo');
         $this->assertNull($user);
     }
 
+    public function testAuthenticateInvalidUsername()
+    {
+        $pdo = new PDO('sqlite:'. __DIR__ . '/../TestAssets/pdo.sqlite');
+        $pdoDatabase = new PdoDatabase($pdo, [
+            'table' => 'user',
+            'field' => [
+                'username' => 'username',
+                'password' => 'password',
+            ]
+        ]);
+
+        $user = $pdoDatabase->authenticate('invalidusername', 'password');
+        $this->assertNull($user);
+    }
+
     public function testAuthenticateWithRole()
     {
         $pdo = new PDO('sqlite:'. __DIR__ . '/../TestAssets/pdo_role.sqlite');
         $pdoDatabase = new PdoDatabase($pdo, [
             'table' => 'user',
             'field' => [
                 'username' => 'username',
-                'password' => 'password'
+                'password' => 'password',
             ],
             'sql_get_roles' => 'SELECT role FROM user WHERE username = :username'
         ]);
@@ -79,7 +94,7 @@ public function testAuthenticateWithRoles()
             'table' => 'user',
             'field' => [
                 'username' => 'username',
-                'password' => 'password'
+                'password' => 'password',
             ],
             'sql_get_roles' => 'SELECT role FROM user_role WHERE username = :username'
         ]);