mirror of
https://github.com/Findus23/plugin-PasswordVerifier.git
synced 2024-09-19 16:03:47 +02:00
57 lines
1.6 KiB
PHP
57 lines
1.6 KiB
PHP
|
<?php
|
||
|
/**
|
||
|
* Piwik - free/libre analytics platform
|
||
|
*
|
||
|
* @link http://piwik.org
|
||
|
* @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
|
||
|
*/
|
||
|
|
||
|
namespace Piwik\Plugins\PasswordVerifier;
|
||
|
|
||
|
use Piwik\Container\StaticContainer;
|
||
|
use Piwik\Http;
|
||
|
use Piwik\Piwik;
|
||
|
use Piwik\Plugins\BulkTracking\Tracker\Response;
|
||
|
use Piwik\Validators\Exception;
|
||
|
use Psr\Log\LoggerInterface;
|
||
|
|
||
|
class PasswordVerifier extends \Piwik\Plugin
|
||
|
{
|
||
|
|
||
|
public function registerEvents() {
|
||
|
return array(
|
||
|
'UsersManager.checkPassword' => 'verifyPassword'
|
||
|
);
|
||
|
}
|
||
|
|
||
|
public function verifyPassword($password) {
|
||
|
$hash = strtoupper(sha1($password));
|
||
|
$prefix = substr($hash, 0, 5);
|
||
|
$suffix = substr($hash, 5);
|
||
|
$url = 'https://api.pwnedpasswords.com/range/' . $prefix;
|
||
|
|
||
|
|
||
|
try {
|
||
|
$response = Http::sendHttpRequest($url, $timeout = 10);
|
||
|
} catch (\Exception $e) {
|
||
|
$logger = StaticContainer::getContainer()->get('Psr\Log\LoggerInterface');
|
||
|
$logger->warning("Can't reach haveibeenpwned.com");
|
||
|
$logger->warning($e->getMessage());
|
||
|
throw new Exception(Piwik::translate("PasswordVerifier_CantReachAPI"));
|
||
|
}
|
||
|
$hashes = [];
|
||
|
if (strpos($response, $suffix) === false) {
|
||
|
return true;
|
||
|
}
|
||
|
foreach (explode("\n", $response) as $hash) {
|
||
|
$split = explode(":", $hash);
|
||
|
$hashes[$split[0]] = (int)$split[1];
|
||
|
}
|
||
|
|
||
|
if (empty($hashes[$suffix])) {
|
||
|
return true;
|
||
|
}
|
||
|
throw new \Exception(Piwik::translate('PasswordVerifier_PasswordFoundInDb', $hashes[$suffix]));
|
||
|
}
|
||
|
}
|