Converted the generic concept of User entity to a complete aggregate object

public/login.php

@@ -2,7 +2,9 @@
 
 use Authentication\Value\ClearTextPassword;
 use Authentication\Value\EmailAddress;
+use Infrastructure\Authentication\ReadModel\HardcodedIsUserBlocked;
 use Infrastructure\Authentication\Repository\FilesystemUsers;
+use Infrastructure\Authentication\Service\SendNotifyOfIntrusionDetectionToStderr;
 
 require_once __DIR__ . '/../vendor/autoload.php';
 
@@ -19,11 +21,7 @@
 
 $user = $users->get($email);
 
-if (! $user->authenticate($password)) {
-    echo 'Nope';
-
-    return;
-}
+$user->authenticate($password, new HardcodedIsUserBlocked(), new SendNotifyOfIntrusionDetectionToStderr());
 
 echo 'OK';
 

public/register.php

@@ -1,8 +1,9 @@
 <?php
 
-use Authentication\Entity\User;
+use Authentication\Aggregate\User;
 use Authentication\Value\ClearTextPassword;
 use Authentication\Value\EmailAddress;
+use Infrastructure\Authentication\ReadModel\CheckRegisteredEmailFromRepository;
 use Infrastructure\Authentication\Repository\FilesystemUsers;
 
 require_once __DIR__ . '/../vendor/autoload.php';
@@ -12,13 +13,7 @@
 
 $users = new FilesystemUsers(__DIR__ . '/../data/users.json');
 
-if ($users->exists($email)) {
-    echo 'Already registered';
-
-    return;
-}
-
-$users->store(new User($email, $password));
+$users->store(User::register($email, $password, new CheckRegisteredEmailFromRepository($users)));
 
 /** @var Notifier $notify */
 // send email abstraction?

src/Authentication/Aggregate/User.php

@@ -0,0 +1,53 @@
+<?php
+
+namespace Authentication\Aggregate;
+
+use Authentication\ReadModel\EmailIsRegistered;
+use Authentication\ReadModel\IsUserBlocked;
+use Authentication\Service\NotifyOfIntrusionDetection;
+use Authentication\Value\ClearTextPassword;
+use Authentication\Value\EmailAddress;
+use Authentication\Value\PasswordHash;
+use Webmozart\Assert\Assert;
+
+class User
+{
+    /** @var EmailAddress */
+    private $email;
+
+    /** @var PasswordHash */
+    private $passwordHash;
+
+    private function __construct(EmailAddress $email, ClearTextPassword $password)
+    {
+        $this->email        = $email;
+        $this->passwordHash = $password->makeHash();
+    }
+
+    public static function register(
+        EmailAddress $email,
+        ClearTextPassword $password,
+        EmailIsRegistered $emailIsRegistered
+    ) : self {
+        Assert::false($emailIsRegistered->__invoke($email));
+
+        return new self($email, $password);
+    }
+
+    public function authenticate(
+        ClearTextPassword $password,
+        IsUserBlocked $blockedUsers,
+        NotifyOfIntrusionDetection $intrusionDetection
+    ) : void {
+        Assert::true($password->verify($this->passwordHash));
+
+        if ($blockedUsers->__invoke($this->email)) {
+            $intrusionDetection->__invoke($this->email);
+
+            throw new \RuntimeException(sprintf(
+                'User %s is blocked, and cannot authenticate',
+                $this->email->toString()
+            ));
+        }
+    }
+}

src/Authentication/ReadModel/EmailIsRegistered.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Authentication\ReadModel;
+
+use Authentication\Value\EmailAddress;
+
+interface EmailIsRegistered
+{
+    public function __invoke(EmailAddress $emailAddress) : bool;
+}

src/Authentication/ReadModel/IsUserBlocked.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Authentication\ReadModel;
+
+use Authentication\Value\EmailAddress;
+
+interface IsUserBlocked
+{
+    public function __invoke(EmailAddress $emailAddress) : bool;
+}

src/Authentication/Repository/Users.php

@@ -2,7 +2,7 @@
 
 namespace Authentication\Repository;
 
-use Authentication\Entity\User;
+use Authentication\Aggregate\User;
 use Authentication\Value\EmailAddress;
 
 interface Users

src/Authentication/Service/NotifyOfIntrusionDetection.php

@@ -0,0 +1,10 @@
+<?php
+
+namespace Authentication\Service;
+
+use Authentication\Value\EmailAddress;
+
+interface NotifyOfIntrusionDetection
+{
+    public function __invoke(EmailAddress $emailAddress) : void;
+}

src/Infrastructure/Authentication/ReadModel/CheckRegisteredEmailFromRepository.php

@@ -0,0 +1,25 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Infrastructure\Authentication\ReadModel;
+
+use Authentication\ReadModel\EmailIsRegistered;
+use Authentication\Repository\Users;
+use Authentication\Value\EmailAddress;
+
+final class CheckRegisteredEmailFromRepository implements EmailIsRegistered
+{
+    /** @var Users */
+    private $users;
+
+    public function __construct(Users $users)
+    {
+        $this->users = $users;
+    }
+
+    public function __invoke(EmailAddress $emailAddress) : bool
+    {
+        return $this->users->exists($emailAddress);
+    }
+}

src/Infrastructure/Authentication/ReadModel/HardcodedIsUserBlocked.php

@@ -0,0 +1,16 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Infrastructure\Authentication\ReadModel;
+
+use Authentication\ReadModel\IsUserBlocked;
+use Authentication\Value\EmailAddress;
+
+final class HardcodedIsUserBlocked implements IsUserBlocked
+{
+    public function __invoke(EmailAddress $emailAddress) : bool
+    {
+        return $emailAddress->toString() === '[email protected]';
+    }
+}

src/Infrastructure/Authentication/Repository/FilesystemUsers.php

@@ -4,10 +4,11 @@
 
 namespace Infrastructure\Authentication\Repository;
 
-use Authentication\Entity\User;
+use Authentication\Aggregate\User;
 use Authentication\Repository\Users;
 use Authentication\Value\EmailAddress;
 use Authentication\Value\PasswordHash;
+use ReflectionProperty;
 
 final class FilesystemUsers implements Users
 {
@@ -35,8 +36,8 @@ public function get(EmailAddress $emailAddress) : User
         /** @var User $user */
         $user = (new \ReflectionClass(User::class))->newInstanceWithoutConstructor();
 
-        $user->email = $emailAddress;
-        $user->passwordHash = PasswordHash::fromHash($existingUsers[$emailAddress->toString()]);
+        $this->reflectionEmail()->setValue($user, $emailAddress);
+        $this->reflectionPasswordHash()->setValue($user, PasswordHash::fromHash($existingUsers[$emailAddress->toString()]));
 
         return $user;
     }
@@ -45,7 +46,9 @@ public function store(User $user) : void
     {
         $existingUsers = $this->existingUsers();
 
-        $existingUsers[$user->email->toString()] = $user->passwordHash->toString();
+        $existingUsers[
+            $this->reflectionEmail()->getValue($user)->toString()
+        ] = $this->reflectionPasswordHash()->getValue($user)->toString();
 
         file_put_contents($this->usersPath, json_encode($existingUsers));
     }
@@ -59,4 +62,23 @@ private function existingUsers() : array
 
         return json_decode($fileContentsReallyReally, true);
     }
+
+    private function reflectionEmail() : ReflectionProperty
+    {
+        $reflectionEmail = new ReflectionProperty(User::class, 'email');
+
+        $reflectionEmail->setAccessible(true);
+
+        return $reflectionEmail;
+    }
+
+    private function reflectionPasswordHash() : ReflectionProperty
+    {
+        $reflectionEmail = new ReflectionProperty(User::class, 'passwordHash');
+
+        $reflectionEmail->setAccessible(true);
+
+        return $reflectionEmail;
+    }
+
 }

src/Infrastructure/Authentication/Service/SendNotifyOfIntrusionDetectionToStderr.php

@@ -0,0 +1,19 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Infrastructure\Authentication\Service;
+
+use Authentication\Service\NotifyOfIntrusionDetection;
+use Authentication\Value\EmailAddress;
+
+final class SendNotifyOfIntrusionDetectionToStderr implements NotifyOfIntrusionDetection
+{
+    public function __invoke(EmailAddress $emailAddress) : void
+    {
+        error_log(sprintf(
+            'Intrusion detected: unauthorised user %s',
+            $emailAddress->toString()
+        ));
+    }
+}