NSWDPC\Pwnage\Pwnage
Model for checking passwords and breaches and the like
- Author: James <james.ellis@dpc.nsw.gov.au>
Synopsis
class Pwnage
{
    // members
    private static string $hibp_api_key = '';
    private static boolean $check_breached_accounts = false;
    private static boolean $check_pwned_passwords = true;
    private static boolean $allow_pwned_passwords = false;
    private static boolean $lock_account_on_breach = false;
    private static boolean $notify_member_on_breach_detection = false;
    private static boolean $notify_breach_account_digest = true;
    private static boolean $pwned_password_include_padding = true;
    private static boolean $truncate_response = true;
    private static string $domain_filter = '';
    private static boolean $include_unverified = false;
    private static string $digest_permission_code = 'ADMIN';
    private static boolean $notify_pwned_password_digest = true;
    // methods
    public void getDigestNotificationGroups()
    public void checkPassword()
    public void checkBreachedAccount()
    public void getBreachedAccountCount()
}
Hierarchy
Uses
- SilverStripe\Core\Config\Configurable
Members
private
- $allow_pwned_passwords — boolean
  Whether to allow pwned passwords. If false, this adds a validation warning and records the fact against the member.
- $check_breached_accounts — boolean
  Whether to check breached accounts as well.
- $check_pwned_passwords — boolean
  By default, check against the configured pwned password corpus.
- $digest_permission_code — string
  Permission code to use for digest notification.
- $domain_filter — string
  HIBP breach option: filter the result set to just this domain.
- $hibp_api_key — string
  Your HIBP API key.
- $include_unverified — boolean
  HIBP breach option: include unverified breaches.
- $lock_account_on_breach — boolean
  Whether to lock the account on breach. This is not currently implemented.
- $notify_breach_account_digest — int
  Notify admin(s) on breach detection. This is not currently implemented.
- $notify_member_on_breach_detection — int
  Notify member on breach detection. This is not currently implemented.
- $notify_pwned_password_digest — boolean
  Notify relevant group(s) with the configured permission code via a digest.
- $pwned_password_include_padding — boolean
  Adds padding (Add-Padding in the API) to pwned password lookups. Read https://haveibeenpwned.com/API/v3#PwnedPasswordsPadding prior to changing to false.
- $truncate_response — boolean
  HIBP breach option: when true, returns only the name of the breach.
Methods
public
- checkBreachedAccount() — Check plain password using the MFlor\Pwned\Pwned service client
- checkPassword() — Check plain password using the MFlor\Pwned\Pwned service client
- getBreachedAccountCount() — Get count of breaches for an account
- getDigestNotificationGroups() — Get groups that can be notified of pwned passwords
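
The padded lookup that $pwned_password_include_padding enables, as an added example that is not code from this module or from MFlor\Pwned. It assumes the Pwned Passwords range response format of SUFFIX:COUNT lines, in which entries added by Add-Padding carry a count of 0; the function names, passwords and counts are constructed for illustration.

```php
<?php
// Added example: hypothetical helpers, not part of NSWDPC\Pwnage or MFlor\Pwned.

/**
 * Split a password's SHA-1 into the 5-character prefix that is sent to the
 * range endpoint and the 35-character suffix that stays on the client.
 */
function hashParts(string $password): array
{
    $sha1 = strtoupper(sha1($password));
    return [substr($sha1, 0, 5), substr($sha1, 5)];
}

/**
 * Return the breach count for $suffix in a range response body.
 * A padded entry has a count of 0, so a caller must compare the count
 * against zero rather than treat any matching line as a pwned password.
 */
function pwnedCount(string $body, string $suffix): int
{
    foreach (preg_split('/\r\n|\n|\r/', trim($body)) as $line) {
        $parts = explode(':', trim($line), 2);
        if (count($parts) !== 2 || !ctype_digit($parts[1])) {
            continue; // ignore malformed lines instead of guessing
        }
        if (hash_equals($suffix, strtoupper($parts[0]))) {
            return (int) $parts[1];
        }
    }
    return 0; // suffix absent from the response
}

// Constructed sample data: two made-up passwords and a made-up response body.
[$prefix, $hitSuffix] = hashParts('constructed-sample-password');
[, $paddedSuffix] = hashParts('another-constructed-password');
$body = implode("\r\n", [
    str_repeat('0', 34) . 'A:0',  // padding entry
    $hitSuffix . ':37',           // real entry with a constructed count
    $paddedSuffix . ':0',         // padding entry that happens to match a suffix
    str_repeat('F', 35) . ':12',  // unrelated real entry
]);

printf("prefix sent to the API: %s\n", $prefix);
printf("count for the breached password: %d\n", pwnedCount($body, $hitSuffix));
printf("count for the padded suffix: %d\n", pwnedCount($body, $paddedSuffix));
```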