|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
namespace Firesphere\HaveIBeenPwned\Extensions; |
|
4
|
|
|
|
|
5
|
|
|
use SilverStripe\Forms\CheckboxField; |
|
6
|
|
|
use SilverStripe\Forms\FieldList; |
|
7
|
|
|
use SilverStripe\Forms\LiteralField; |
|
8
|
|
|
use SilverStripe\Forms\ReadonlyField; |
|
9
|
|
|
use SilverStripe\ORM\DataExtension; |
|
10
|
|
|
use SilverStripe\Security\Member; |
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* Class \Firesphere\HaveIBeenPwned\Extensions\MemberExtension |
|
14
|
|
|
* |
|
15
|
|
|
* @property Member|MemberExtension $owner |
|
16
|
|
|
* @property int $PasswordIsPwnd |
|
17
|
|
|
* @property string $BreachedSites |
|
18
|
|
|
*/ |
|
19
|
|
|
class MemberExtension extends DataExtension |
|
20
|
|
|
{ |
|
21
|
|
|
/** |
|
22
|
|
|
* Name of the tab that is used for HaveIBeenPwned |
|
23
|
|
|
*/ |
|
24
|
|
|
const PWND_TAB = 'Root.HaveIBeenPwned'; |
|
25
|
|
|
|
|
26
|
|
|
/** |
|
27
|
|
|
* @var array |
|
28
|
|
|
*/ |
|
29
|
|
|
private static $db = [ |
|
|
|
|
|
|
30
|
|
|
'PasswordIsPwnd' => 'Int', |
|
31
|
|
|
'BreachedSites' => 'Text' |
|
32
|
|
|
]; |
|
33
|
|
|
|
|
34
|
|
|
protected $fallbackHelp = 'If the error says that you "have been Pwnd", it means your password appears in the ' . |
|
35
|
|
|
'<a href="https://haveibeenpwned.com/Privacy">Have I Been Pwnd</a> database. ' . |
|
36
|
|
|
'Therefore, we can not accept your password, because it is insecure or known to have been breached. ' . |
|
37
|
|
|
'Before a password is safely stored in our database, we test if the password has been breached. ' . |
|
38
|
|
|
'We do not share your password. ' . |
|
39
|
|
|
'We run a safe test against the HaveIBeenPwned database to. ' . |
|
40
|
|
|
'None of your data is shared or stored at HaveIBeenPwned. ' . |
|
41
|
|
|
'For more information, you can read up on "Password safety", ' . |
|
42
|
|
|
'and we strongly recommend installing a password manager if you haven\'t already. ' . |
|
43
|
|
|
'Several options are LastPass, BitWarden and 1Password. ' . |
|
44
|
|
|
'These services are also able to test your passwords against the HaveIBeenPwned database, ' . |
|
45
|
|
|
'to see if your passwords are secure and safe.<br />' . |
|
46
|
|
|
'Furthermore, <a href="https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/">' . |
|
47
|
|
|
'Troy Hunt explains why and how this service is important</a>.'; |
|
48
|
|
|
|
|
49
|
|
|
/** |
|
50
|
|
|
* @param FieldList $fields |
|
51
|
|
|
*/ |
|
52
|
|
|
public function updateCMSFields(FieldList $fields) |
|
53
|
|
|
{ |
|
54
|
|
|
// PwndDisabled always needs to be false |
|
55
|
|
|
$this->owner->PwndDisabled = false; |
|
|
|
|
|
|
56
|
|
|
|
|
57
|
|
|
$fields->removeByName(['BreachedSites', 'PasswordIsPwnd']); |
|
58
|
|
|
$this->breachFound($fields); |
|
59
|
|
|
|
|
60
|
|
|
$this->breachedSites($fields); |
|
61
|
|
|
|
|
62
|
|
|
$fields->addFieldsToTab('Root.Main', [ |
|
63
|
|
|
ReadonlyField::create( |
|
64
|
|
|
'PasswordIsPwnd', |
|
65
|
|
|
_t(self::class . '.PWNCOUNT', 'Pwnd Count') |
|
66
|
|
|
)->setDescription(_t( |
|
67
|
|
|
self::class . '.AMOUNT', |
|
68
|
|
|
'Amount of times the password appears in the Have I Been Pwnd database' |
|
69
|
|
|
)), |
|
70
|
|
|
CheckboxField::create( |
|
71
|
|
|
'PwndDisabled', |
|
72
|
|
|
_t(self::class . '.TMPDISABLE', 'Disable "Have I Been Pwnd" temporarily') |
|
73
|
|
|
)->setDescription(_t( |
|
74
|
|
|
self::class . '.TMPDISABLEDESCR', |
|
75
|
|
|
'Allow the password to be a compromised password once (only from the CMS), ' . |
|
76
|
|
|
'to reset a users password manually and let the user reset the password on first login.' |
|
77
|
|
|
)) |
|
78
|
|
|
]); |
|
79
|
|
|
} |
|
80
|
|
|
|
|
81
|
|
|
/** |
|
82
|
|
|
* @param FieldList $fields |
|
83
|
|
|
*/ |
|
84
|
|
|
protected function breachFound(FieldList $fields) |
|
85
|
|
|
{ |
|
86
|
|
|
if ($this->owner->BreachedSites || $this->owner->PasswordIsPwnd) { |
|
87
|
|
|
$fields->findOrMakeTab( |
|
88
|
|
|
static::PWND_TAB, |
|
89
|
|
|
_t(self::class . '.PWNDTAB', 'Have I Been Pwnd?') |
|
90
|
|
|
); |
|
91
|
|
|
$text = _t( |
|
92
|
|
|
self::class . '.PWNDHelp', |
|
93
|
|
|
$this->fallbackHelp |
|
94
|
|
|
); |
|
95
|
|
|
|
|
96
|
|
|
$help = LiteralField::create('Helptext', '<p>' . $text . '</p>'); |
|
97
|
|
|
$fields->addFieldToTab(static::PWND_TAB, $help); |
|
98
|
|
|
} |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
|
|
/** |
|
102
|
|
|
* @param FieldList $fields |
|
103
|
|
|
*/ |
|
104
|
|
|
protected function breachedSites(FieldList $fields) |
|
105
|
|
|
{ |
|
106
|
|
|
if ($this->owner->BreachedSites) { |
|
107
|
|
|
$fields->addFieldToTab( |
|
108
|
|
|
static::PWND_TAB, |
|
109
|
|
|
ReadonlyField::create( |
|
110
|
|
|
'BreachedSites', |
|
111
|
|
|
_t(self::class . '.BREACHEDSITES', 'Known breaches') |
|
112
|
|
|
)->setDescription(_t( |
|
113
|
|
|
self::class . '.BREACHEDDESCRIPTION', |
|
114
|
|
|
'Sites on which your email address or username has been found in known breaches.' |
|
115
|
|
|
)) |
|
116
|
|
|
); |
|
117
|
|
|
} |
|
118
|
|
|
} |
|
119
|
|
|
} |
|
120
|
|
|
|
Firesphere /
silverstripe-haveibeenpwnd
Loading history...