Forcing every call site to be explicit about admin status and
password eliminates a class of bugs where an unintended
isAdmin=false or empty passwordHash could silently slip through.
The CreateUserTest case that asserted the isAdmin default is
dropped since the default no longer exists.
Replace the strict "one commit per file" guidance with grouping by
related changes, while keeping the small-and-focused intent. Add
explicit guidance on when to include a commit body and how to format
it (blank line separator, ~72 col wrap).
Applied to both backend and frontend prompt templates.
Add a trivial prefix-based PasswordHasher fake and inject it into the
three test files that exercise CreateUser or AuthenticateUser. Drops
the full phpunit suite from ~7.4s to ~30ms (about 224x) without
losing coverage: the round-trip through hash/verify still validates
that CreateUser stores something other than the plaintext and that
AuthenticateUser only succeeds on a matching hash.
CreateUserTest is also refactored to use a setUp method, matching
the pattern already used in AuthenticateUserTest and AuthControllerTest.
Replace direct password_hash and password_verify calls with the
injected PasswordHasher so the bcrypt cost can be substituted out
in tests. Production wiring is handled by the container's autowiring
of BcryptPasswordHasher.
This commit alone breaks the test suite because the existing tests
construct these use cases without the new dependency; the next
commit restores green by introducing FakePasswordHasher.
Introduce an injectable abstraction over password_hash and
password_verify so callers can be swapped for a fast fake in tests
without paying bcrypt's CPU cost. The bcrypt implementation is a
direct passthrough using PASSWORD_DEFAULT, matching the prior inline
behavior, so existing stored hashes continue to verify.
Wired into the DI container alongside the other auth primitives
(Clock, TokenGenerator). No callers reference it yet, so production
behavior is unchanged.
