mirror of
https://github.com/Findus23/plugin-PasswordVerifier.git
synced 2024-09-11 06:43:46 +02:00
56 lines
1.6 KiB
PHP
56 lines
1.6 KiB
PHP
<?php
|
|
/**
|
|
* Piwik - free/libre analytics platform
|
|
*
|
|
* @link http://piwik.org
|
|
* @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
|
|
*/
|
|
|
|
namespace Piwik\Plugins\PasswordVerifier;
|
|
|
|
use Piwik\Container\StaticContainer;
|
|
use Piwik\Http;
|
|
use Piwik\Piwik;
|
|
use Piwik\Plugins\BulkTracking\Tracker\Response;
|
|
use Piwik\Validators\Exception;
|
|
use Psr\Log\LoggerInterface;
|
|
|
|
class PasswordVerifier extends \Piwik\Plugin
|
|
{
|
|
|
|
public function registerEvents() {
|
|
return array(
|
|
'UsersManager.checkPassword' => 'verifyPassword'
|
|
);
|
|
}
|
|
|
|
public function verifyPassword($password) {
|
|
$hash = strtoupper(sha1($password));
|
|
$prefix = substr($hash, 0, 5);
|
|
$suffix = substr($hash, 5);
|
|
$url = 'https://api.pwnedpasswords.com/range/' . $prefix;
|
|
|
|
|
|
try {
|
|
$response = Http::sendHttpRequest($url, $timeout = 10);
|
|
} catch (\Exception $e) {
|
|
$logger = StaticContainer::getContainer()->get('Psr\Log\LoggerInterface');
|
|
$logger->warning("Can't reach haveibeenpwned.com");
|
|
$logger->warning($e->getMessage());
|
|
throw new Exception(Piwik::translate("PasswordVerifier_CantReachAPI"));
|
|
}
|
|
$hashes = [];
|
|
if (strpos($response, $suffix) === false) {
|
|
return true;
|
|
}
|
|
foreach (explode("\n", $response) as $hash) {
|
|
$split = explode(":", $hash);
|
|
$hashes[$split[0]] = (int)$split[1];
|
|
}
|
|
|
|
if (empty($hashes[$suffix])) {
|
|
return true;
|
|
}
|
|
throw new \Exception(Piwik::translate('PasswordVerifier_PasswordFoundInDb', $hashes[$suffix]));
|
|
}
|
|
}
|