user random string (#759)

* user random string

* Fix auth_key encryption to prevent null character errors (#759)

CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/).
 In order to read more about upgrading and BC breaks have a look at the [UPGRADE Document](UPGRADE.md).
 
+## 5.0.3 ()
+
++ [#759](https://github.com/luyadev/luya-module-admin/pull/759) Prevent `Bcrypt password must not contain null character` errors by using generateRandomString for auth_key encryption.
+
 ## 5.0.2 (28. March 2024)
 
 + [#758](https://github.com/luyadev/luya-module-admin/pull/758) Enhanced the functionality to reorganize folders within the folder hierarchy, allowing for movement to the root or placement into a different subfolder.

src/models/User.php

@@ -589,14 +589,16 @@ public function getId()
  */
  public function getAuthKey()
  {
+ // find user agent, if empty disable auto login
  $userAgent = Yii::$app->request->userAgent;
-
- // no user agent, dissable auto login
  if (empty($userAgent)) {
  return false;
  }
 
  $checksum = UserDevice::generateUserAgentChecksum($userAgent);
+ if (empty($checksum)) {
+ return false;
+ }
 
  $model = UserDevice::find()->where(['user_id' => $this->id, 'user_agent_checksum' => $checksum])->one();
 
@@ -610,7 +612,7 @@ public function getAuthKey()
  $model->user_id = $this->id;
  $model->user_agent = $userAgent;
  $model->user_agent_checksum = $checksum;
- $model->auth_key = Yii::$app->security->generatePasswordHash(Yii::$app->security->generateRandomKey() . $checksum);
+ $model->auth_key = Yii::$app->security->generatePasswordHash(Yii::$app->security->generateRandomString() . $checksum);
 
  if ($model->save()) {
  return $model->auth_key;