Source of file PasswordValidatorExtension.php
Size: 3,716 Bytes - Last Modified: 2021-12-24T06:47:27+00:00
/var/www/docs.ssmods.com/process/src/src/extensions/PasswordValidatorExtension.php
<?php

namespace Firesphere\HaveIBeenPwned\Extensions;

use Firesphere\HaveIBeenPwned\Services\HaveIBeenPwnedService;
use SilverStripe\Core\Config\Configurable;
use SilverStripe\Core\Extension;
use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\ValidationResult;
use SilverStripe\Security\Member;
use SilverStripe\Security\PasswordValidator;

/**
 * Class \Firesphere\HaveIBeenPwned\Extensions\PasswordValidatorExtension
 *
 * Extension that consults {@see HaveIBeenPwnedService} while a password is
 * being validated and adds an error to the validation result when the
 * service reports the password as known.
 *
 * Security notes for maintainers:
 *  - The plaintext password is handed to the service object. What actually
 *    leaves the process is decided there, not in this class.
 *    NOTE(review): confirm the service only transmits a hash prefix
 *    (k-anonymity range query) and never logs or forwards the plaintext.
 *  - The service calls are documented as throwing GuzzleException and nothing
 *    here catches it, so a lookup failure propagates to the caller. Whether a
 *    password change should fail or proceed in that case is decided upstream.
 *  - Two switches weaken the check: the per-member `PwndDisabled` flag skips
 *    it entirely, and the `allow_pwnd` config value suppresses the error.
 *
 * @property PasswordValidator|PasswordValidatorExtension $owner
 */
class PasswordValidatorExtension extends Extension
{
    use Configurable;

    /**
     * Service used for the lookups; re-created on every validation call.
     *
     * @var HaveIBeenPwnedService
     */
    protected $service;

    /**
     * Constructor arguments passed to the service when it is created.
     *
     * @var array
     */
    protected $params = [];

    /**
     * Check the candidate password (and optionally the member's breach
     * history) and record the outcome on the member and validation result.
     *
     * The member fields are populated whenever the check runs, even when
     * `allow_pwnd` prevents an error from being added.
     * Presumably called through the owner's extension hook while a password
     * is validated; verify against the owner.
     *
     * @param string $pwd Candidate password in plaintext
     * @param Member|MemberExtension $member
     * @param ValidationResult $valid
     * @return void
     * @throws \GuzzleHttp\Exception\GuzzleException
     */
    public function updateValidatePassword($pwd, $member, $valid)
    {
        // The service is instantiated before the opt-out test, as in the original flow.
        $this->service = Injector::inst()->createWithArgs(HaveIBeenPwnedService::class, [$this->params]);

        // Per-member opt-out: nothing is looked up or recorded.
        if ($member->PwndDisabled) {
            return;
        }

        $breachedAllowed = HaveIBeenPwnedService::config()->get('allow_pwnd');
        $storeBreaches = HaveIBeenPwnedService::config()->get('save_pwnd');
        $occurrences = $this->checkPwnCount($pwd, $member);
        $sites = $this->checkPwndSites($storeBreaches, $member);

        // Although it would be stupid, the pwnd check can be disabled
        // Or even allow for breached passwords. Not exactly ideal
        if (!$occurrences || $breachedAllowed) {
            return;
        }

        $this->addMessages($valid, $occurrences, $sites);
    }

    /**
     * Ask the service how often the password is known and store that count
     * on the member.
     *
     * Persisting the member is left to the caller; this method only assigns
     * the field.
     *
     * @param string $pwd Candidate password in plaintext
     * @param Member|MemberExtension $member
     * @return int
     * @throws \GuzzleHttp\Exception\GuzzleException
     */
    protected function checkPwnCount($pwd, $member)
    {
        $occurrences = $this->service->checkPwnedPassword($pwd);

        // Always set amount of pwd's if it's true
        $member->PasswordIsPwnd = $occurrences;

        return $occurrences;
    }

    /**
     * Look up the breaches associated with the member, but only when storing
     * breached sites is enabled.
     *
     * NOTE(review): the member is passed to the service for an e-mail lookup,
     * so enabling `save_pwnd` presumably discloses the member's address to
     * the external service. Confirm this is covered by the privacy policy.
     *
     * @param mixed $savePwnd Truthy when breached sites should be looked up and stored
     * @param Member|MemberExtension $member
     * @return string Empty string when the lookup is skipped
     * @throws \GuzzleHttp\Exception\GuzzleException
     */
    protected function checkPwndSites($savePwnd, $member)
    {
        if (!$savePwnd) {
            return '';
        }

        // If storing the breached sites, check the email as well
        $sites = $this->service->checkPwnedEmail($member);
        $member->BreachedSites = $sites;

        return $sites;
    }

    /**
     * @return array
     */
    public function getParams()
    {
        return $this->params;
    }

    /**
     * @param array $params
     */
    public function setParams($params)
    {
        $this->params = $params;
    }

    /**
     * Add the "known password" field error and, when breach information is
     * available, a follow-up message pointing at the HaveIBeenPwned tab.
     *
     * @param ValidationResult $valid
     * @param int $isPwndCount
     * @param string $breached
     */
    protected function addMessages($valid, $isPwndCount, $breached)
    {
        $knownPasswordError = _t(
            self::class . '.KNOWN',
            'Your password appears {times} times in the Have I Been Pwnd database',
            ['times' => $isPwndCount]
        );
        $valid->addFieldError('Password', $knownPasswordError);

        if (!$breached) {
            return;
        }

        // NOTE(review): the field error added above normally marks the result
        // invalid, so this likely always resolves to TYPE_INFO. Confirm
        // whether the TYPE_WARNING branch is reachable.
        $messageType = ValidationResult::TYPE_INFO;
        if ($valid->isValid()) {
            $messageType = ValidationResult::TYPE_WARNING;
        }

        $breachHint = _t(
            self::class . '.KNOWNBREACHMESSAGE',
            'To help you identify where you have been breached, see the HaveIBeenPwned tab for information after a successful update of your password'
        );
        $valid->addMessage($breachHint, $messageType);
    }
}