PasswordProperty - Code Metrics - Inspection of "Fix PasswordProperty save routine" - locomotivemtl/charcoal-property - Measure and Improve Code Quality continuously with Scrutinizer

Test Setup Failed

Push — master ( 4ba836...58faee )

by Chauncey

created 2019-10-02 23:12 UTC

PasswordProperty A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	83
Duplicated Lines	0 %

Coupling/Cohesion

Components	0
Dependencies	1

Importance

Changes

Metric	Value
wmc	11
lcom	0
cbo	1
dl	0
loc	83
rs	10
c	0
b	0
f	0

5 Methods

Rating	Name	Size	Complexity
A	type()	4	1
A	save()	12	4
A	getMaxLength()	9	2
A	isHashed()	5	1
A	isValid()	12	3

<?php

namespace Charcoal\Property;

// From 'charcoal-property'
use Charcoal\Property\StringProperty;

/**
 * Password Property
 *
 * The password property is a specialized string property meant to store encrypted passwords.
 */
class PasswordProperty extends StringProperty
{
    /**
     * @return string
     */
    public function type()
    {
        return 'password';
    }

    /**
     * Overrides the StringProperty::save() method to ensure the value is encrypted.
     *
     * If the hash is corruped or the algorithm is not recognized, the value will be rehashed.
     *
     * @todo   Implement proper hashing/rehashing/validation.
     * @param  mixed $val The value, at time of saving.
     * @return string
     */
    public function save($val)
    {
        if ($val === null || $val === '') {
            return $val;
        }

        if (!$this->isHashed($val)) {
            $val = password_hash($val, PASSWORD_DEFAULT);
        }

        return $val;
    }

    /**
     * Retrieve the maximum number of characters allowed.
     *
     * @return integer
     */
    public function getMaxLength()
    {
        if (PASSWORD_DEFAULT === PASSWORD_BCRYPT) {
            /** @link https://www.php.net/manual/en/function.password-hash.php */
            return 72;
        }

        return parent::getMaxLength();
    }

    /**
     * Determine if the given value is hashed.
     *
     * If the hash is corruped or the algorithm is not recognized, the value is assumed to be plain-text (not hashed).
     *
     * @param  string $hash The value to test.
     * @return boolean
     */
    public function isHashed($hash)
    {
        $info = password_get_info($hash);
        return !($info['algo'] === 0);
    }

    /**
     * Validates password and rehashes if necessary.
     *
     * If the hash is corruped or the algorithm is not recognized, the value is assumed to be plain-text (not hashed).
     *
     * @param  string $password A plain-text password.
     * @param  string $hash     A hash created by {@see password_hash()}.
     * @return string|boolean
     */
    public function isValid($password, $hash)
    {
        if (password_verify($password, $hash) === false) {
            return false;
        }

        if (password_needs_rehash($hash, PASSWORD_DEFAULT)) {
            return password_hash($password, PASSWORD_DEFAULT);
        }

        return $hash;
    }
}


1			<?php
2
3			namespace Charcoal\Property;
4
5			// From 'charcoal-property'
6			use Charcoal\Property\StringProperty;
7
8			/**
9			* Password Property
10			*
11			* The password property is a specialized string property meant to store encrypted passwords.
12			*/
13			class PasswordProperty extends StringProperty
14			{
15			/**
16			* @return string
17			*/
18			public function type()
19			{
20			return 'password';
21			}
22
23			/**
24			* Overrides the StringProperty::save() method to ensure the value is encrypted.
25			*
26			* If the hash is corruped or the algorithm is not recognized, the value will be rehashed.
27			*
28			* @todo Implement proper hashing/rehashing/validation.
29			* @param mixed $val The value, at time of saving.
30			* @return string
31			*/
32			public function save($val)
33			{
34			if ($val === null \|\| $val === '') {
35			return $val;
36			}
37
38			if (!$this->isHashed($val)) {
39			$val = password_hash($val, PASSWORD_DEFAULT);
40			}
41
42			return $val;
43			}
44
45			/**
46			* Retrieve the maximum number of characters allowed.
47			*
48			* @return integer
49			*/
50			public function getMaxLength()
51			{
52			if (PASSWORD_DEFAULT === PASSWORD_BCRYPT) {
53			/** @link https://www.php.net/manual/en/function.password-hash.php */
54			return 72;
55			}
56
57			return parent::getMaxLength();
58			}
59
60			/**
61			* Determine if the given value is hashed.
62			*
63			* If the hash is corruped or the algorithm is not recognized, the value is assumed to be plain-text (not hashed).
64			*
65			* @param string $hash The value to test.
66			* @return boolean
67			*/
68			public function isHashed($hash)
69			{
70			$info = password_get_info($hash);
71			return !($info['algo'] === 0);
72			}
73
74			/**
75			* Validates password and rehashes if necessary.
76			*
77			* If the hash is corruped or the algorithm is not recognized, the value is assumed to be plain-text (not hashed).
78			*
79			* @param string $password A plain-text password.
80			* @param string $hash A hash created by {@see password_hash()}.
81			* @return string\|boolean
82			*/
83			public function isValid($password, $hash)
84			{
85			if (password_verify($password, $hash) === false) {
86			return false;
87			}
88
89			if (password_needs_rehash($hash, PASSWORD_DEFAULT)) {
90			return password_hash($password, PASSWORD_DEFAULT);
91			}
92
93			return $hash;
94			}
95			}
96

locomotivemtl / charcoal-property

Push — master ( 4ba836...58faee )

PasswordProperty A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

5 Methods

Duplication Side-by-Side

Filter issues like