MediaWiki master
|
Represents a password hash for use in authentication. More...
Inherited by MediaWiki\Password\Argon2Password, MediaWiki\Password\InvalidPassword, and MediaWiki\Password\ParameterizedPassword.
Public Member Functions | |
__construct (PasswordFactory $factory, array $config, string $hash=null) | |
Construct the Password object using a string hash. | |
crypt (string $password) | |
Hash a password and store the result in this object. | |
getType () | |
Get the type name of the password. | |
needsUpdate () | |
Determine if the hash needs to be updated. | |
toString () | |
Convert this hash to a string that can be stored in the database. | |
verify (string $password) | |
Checks whether the given password matches the hash stored in this object. | |
Protected Member Functions | |
assertIsSafeSize (string $hash) | |
Assert that hash will fit in a tinyblob field. | |
isSupported () | |
Whether current password type is supported on this system. | |
parseHash (?string $hash) | |
Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating. | |
Protected Attributes | |
array | $config |
Array of configuration variables injected from the constructor. | |
PasswordFactory | $factory |
Factory that created the object. | |
string null | $hash |
String representation of the hash without the type. | |
Represents a password hash for use in authentication.
Note: All password types are transparently prefixed with :<TYPE>:, where <TYPE> is the registered type of the hash. This prefix is stripped in the constructor and is added back in the toString() function.
When inheriting this class, there are a couple of expectations to be fulfilled:
The abstract functions that must be overridden are:
After creating a new password hash type, it can be registered using the static Password::register() method. The default type is set using the Password::setDefaultType() type. Types must be registered before they can be set as the default.
Definition at line 66 of file Password.php.
|
final |
Construct the Password object using a string hash.
It is strongly recommended not to call this function directly unless you have a reason to. Use the PasswordFactory class instead.
PasswordFactory | $factory | Factory object that created the password |
array | $config | Array of engine configuration options for hashing |
string | null | $hash | The raw hash, including the type |
Definition at line 99 of file Password.php.
References MediaWiki\Password\Password\$config, MediaWiki\Password\Password\$factory, MediaWiki\Password\Password\$hash, MediaWiki\Password\Password\isSupported(), and MediaWiki\Password\Password\parseHash().
|
finalprotected |
Assert that hash will fit in a tinyblob field.
This prevents MW from inserting it into the DB and having MySQL silently truncating it, locking the user out of their account.
string | $hash | The hash in question. |
PasswordError | If hash does not fit in DB. |
Definition at line 196 of file Password.php.
|
abstract |
Hash a password and store the result in this object.
The result of the password hash should be put into the internal state of the hash object.
string | $password | Password to hash |
PasswordError | If an internal error occurs in hashing |
Reimplemented in MediaWiki\Password\AbstractPbkdf2Password, MediaWiki\Password\Argon2Password, MediaWiki\Password\BcryptPassword, MediaWiki\Password\EncryptedPassword, MediaWiki\Password\LayeredParameterizedPassword, MediaWiki\Password\InvalidPassword, MediaWiki\Password\MWOldPassword, and MediaWiki\Password\MWSaltedPassword.
Referenced by MediaWiki\Password\LayeredParameterizedPassword\partialCrypt().
|
final |
Get the type name of the password.
Definition at line 123 of file Password.php.
|
protected |
Whether current password type is supported on this system.
Reimplemented in MediaWiki\Password\Argon2Password.
Definition at line 132 of file Password.php.
Referenced by MediaWiki\Password\Password\__construct().
|
abstract |
Determine if the hash needs to be updated.
Reimplemented in MediaWiki\Password\Argon2Password, MediaWiki\Password\InvalidPassword, and MediaWiki\Password\ParameterizedPassword.
|
protected |
Perform any parsing necessary on the hash to see if the hash is valid and/or to perform logic for seeing if the hash needs updating.
string | null | $hash | The hash, with the :<TYPE>: prefix stripped |
PasswordError | If there is an error in parsing the hash |
Reimplemented in MediaWiki\Password\BcryptPassword, and MediaWiki\Password\ParameterizedPassword.
Definition at line 143 of file Password.php.
Referenced by MediaWiki\Password\Password\__construct().
MediaWiki\Password\Password::toString | ( | ) |
Convert this hash to a string that can be stored in the database.
The resulting string should be considered the serialized representation of this hash, i.e., if the return value were recycled back into PasswordFactory::newFromCiphertext, the returned object would be equivalent to this; also, if two objects return the same value from this function, they are considered equivalent.
PasswordError | if password cannot be serialized to fit a tinyblob. |
Reimplemented in MediaWiki\Password\Argon2Password, MediaWiki\Password\InvalidPassword, and MediaWiki\Password\ParameterizedPassword.
Definition at line 180 of file Password.php.
MediaWiki\Password\Password::verify | ( | string | $password | ) |
Checks whether the given password matches the hash stored in this object.
string | $password | Password to check |
Reimplemented in MediaWiki\Password\Argon2Password, MediaWiki\Password\EncryptedPassword, and MediaWiki\Password\InvalidPassword.
Definition at line 159 of file Password.php.
|
protected |
Array of configuration variables injected from the constructor.
Definition at line 82 of file Password.php.
Referenced by MediaWiki\Password\Password\__construct().
|
protected |
Factory that created the object.
Definition at line 70 of file Password.php.
Referenced by MediaWiki\Password\Password\__construct().
|
protected |
String representation of the hash without the type.
Definition at line 76 of file Password.php.
Referenced by MediaWiki\Password\Password\__construct().