23use Cdb\Reader as CdbReader;
25use Wikimedia\PasswordBlacklist;
48 $status = Status::newGood();
49 if ( $policyVal > strlen( $password ) ) {
50 $status->error(
'passwordtooshort', $policyVal );
65 $status = Status::newGood();
66 if ( $policyVal > strlen( $password ) ) {
67 $status->fatal(
'passwordtooshort', $policyVal );
81 $status = Status::newGood();
82 if ( $policyVal < strlen( $password ) ) {
83 $status->fatal(
'passwordtoolong', $policyVal );
96 $status = Status::newGood();
98 $contLang = MediaWikiServices::getInstance()->getContentLanguage();
100 $policyVal && hash_equals( $contLang->lc( $username ), $contLang->lc( $password ) )
102 $status->error(
'password-name-match' );
115 static $blockedLogins = [
116 'Useruser' =>
'Passpass',
'Useruser1' =>
'Passpass1', # r75589
117 'Apitestsysop' =>
'testpass',
'Apitestuser' =>
'testpass' # r75605
120 $status = Status::newGood();
124 isset( $blockedLogins[$username] ) &&
125 hash_equals( $blockedLogins[$username], $password )
127 $status->error(
'password-login-forbidden' );
131 if ( hash_equals(
'ExamplePassword', $password ) ) {
132 $status->error(
'password-login-forbidden' );
154 $status = Status::newGood();
155 if ( $policyVal > 0 ) {
156 $langEn = Language::factory(
'en' );
157 $passwordKey = $langEn->lc( trim( $password ) );
163 $hardcodedCommonPasswords = [
'',
'wiki',
'mediawiki', $sitename ];
164 if ( in_array( $passwordKey, $hardcodedCommonPasswords ) ) {
165 $status->error(
'passwordtoopopular' );
176 $res = $db->get( $passwordKey );
177 if (
$res && (
int)
$res <= $policyVal ) {
181 $status->error(
'passwordtoopopular' );
202 $status = Status::newGood();
203 if ( $policyVal && PasswordBlacklist\PasswordBlacklist::isBlacklisted( $password ) ) {
204 $status->error(
'passwordinlargeblacklist' );
string $wgPopularPasswordFile
Where popular password file is located.
$wgSitename
Name of the site.
Functions to check passwords against a policy requirement.
static checkPasswordCannotMatchUsername( $policyVal, User $user, $password)
Check if username and password are a (case-insensitive) match.
static checkMinimalPasswordLength( $policyVal, User $user, $password)
Check password is longer than minimum, not fatal.
static checkPasswordCannotMatchBlacklist( $policyVal, User $user, $password)
Check if username and password are on a blacklist of past MediaWiki default passwords.
static checkPopularPasswordBlacklist( $policyVal, User $user, $password)
Ensure that password isn't in top X most popular passwords, as defined by $wgPopularPasswordFile.
static checkMinimumPasswordLengthToLogin( $policyVal, User $user, $password)
Check password is longer than minimum, fatal.
static checkMaximalPasswordLength( $policyVal, User $user, $password)
Check password is shorter than maximum, fatal.
static checkPasswordNotInLargeBlacklist( $policyVal, User $user, $password)
Ensure the password isn't in the list of passwords blacklisted by the wikimedia/password-blacklist li...
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
getName()
Get the user name, or the IP of an anonymous user.