1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
declare(strict_types=1); |
4
|
|
|
|
5
|
|
|
namespace PasswordHelper; |
6
|
|
|
|
7
|
|
|
/** |
8
|
|
|
* @codeCoverageIgnore |
9
|
|
|
*/ |
10
|
|
|
class Password |
11
|
|
|
{ |
12
|
|
|
/** |
13
|
|
|
* @var StrengthChecker |
14
|
|
|
*/ |
15
|
|
|
protected $checker; |
16
|
|
|
|
17
|
|
|
/** |
18
|
|
|
* @var Generator |
19
|
|
|
*/ |
20
|
|
|
protected $generator; |
21
|
|
|
|
22
|
|
|
/** |
23
|
|
|
* @var Validator |
24
|
|
|
*/ |
25
|
|
|
protected $validator; |
26
|
|
|
|
27
|
|
|
public function __construct(array $config = []) |
28
|
|
|
{ |
29
|
|
|
$policy = new Policy($config); |
30
|
|
|
$this->checker = new StrengthChecker(); |
31
|
|
|
$this->validator = new Validator($policy); |
32
|
|
|
$this->generator = new Generator($policy, $this->validator); |
33
|
|
|
} |
34
|
|
|
|
35
|
|
|
/** |
36
|
|
|
* Generates a password that satisfies the password policy |
37
|
|
|
* |
38
|
|
|
* @return string |
39
|
|
|
* |
40
|
|
|
* @throws \Exception |
41
|
|
|
*/ |
42
|
|
|
public function generate(): string |
43
|
|
|
{ |
44
|
|
|
return $this->generator->generatePassword(); |
45
|
|
|
} |
46
|
|
|
|
47
|
|
|
/** |
48
|
|
|
* Validates that a password satisfies the password policy |
49
|
|
|
* |
50
|
|
|
* @param string $password |
51
|
|
|
* |
52
|
|
|
* @return bool |
53
|
|
|
*/ |
54
|
|
|
public function validateComplexity(string $password): bool |
55
|
|
|
{ |
56
|
|
|
return $this->validator->isValidPassword($password); |
57
|
|
|
} |
58
|
|
|
|
59
|
|
|
/** |
60
|
|
|
* Determines the strength of a given password |
61
|
|
|
* |
62
|
|
|
* @param string $password |
63
|
|
|
* |
64
|
|
|
* @return string |
65
|
|
|
*/ |
66
|
|
|
public function checkStrength(string $password): string |
67
|
|
|
{ |
68
|
|
|
return $this->checker->checkStrength($password); |
69
|
|
|
} |
70
|
|
|
|
71
|
|
|
/** |
72
|
|
|
* Creates a password hash. |
73
|
|
|
* |
74
|
|
|
* @see https://secure.php.net/manual/en/function.password-hash.php |
75
|
|
|
* |
76
|
|
|
* @param string $password The user's password. |
77
|
|
|
|
78
|
|
|
* @return string |
79
|
|
|
*/ |
80
|
|
|
public function hash(string $password): string |
81
|
|
|
{ |
82
|
|
|
return password_hash($password, PASSWORD_DEFAULT); |
83
|
|
|
} |
84
|
|
|
|
85
|
|
|
/** |
86
|
|
|
* Checks if the given hash matches the given options. |
87
|
|
|
* |
88
|
|
|
* @see https://secure.php.net/manual/en/function.password-verify.php |
89
|
|
|
* |
90
|
|
|
* @param string $password The user's password. |
91
|
|
|
* @param string $hash A hash created by password_hash(). |
92
|
|
|
* |
93
|
|
|
* @return bool Returns TRUE if the password and hash match, or FALSE otherwise. |
94
|
|
|
*/ |
95
|
|
|
public function verify(string $password, string $hash): bool |
96
|
|
|
{ |
97
|
|
|
return password_verify($password, $hash); |
98
|
|
|
} |
99
|
|
|
|
100
|
|
|
/** |
101
|
|
|
* Returns information about the given hash |
102
|
|
|
* |
103
|
|
|
* @see https://secure.php.net/manual/en/function.password-get-info.php |
104
|
|
|
* |
105
|
|
|
* @param string $hash A hash created by password_hash() |
106
|
|
|
* |
107
|
|
|
* @return array Returns an associative array with three elements: |
108
|
|
|
* - algo, which will match a password algorithm constant |
109
|
|
|
* - algoName, which has the human readable name of the algorithm |
110
|
|
|
* - options which includes the options provided when calling password_hash() |
111
|
|
|
*/ |
112
|
|
|
public function getInfo(string $hash): array |
113
|
|
|
{ |
114
|
|
|
return password_get_info($hash); |
115
|
|
|
} |
116
|
|
|
|
117
|
|
|
/** |
118
|
|
|
* Checks if the given hash matches the given options. |
119
|
|
|
* |
120
|
|
|
* @see https://secure.php.net/manual/en/function.password-needs-rehash.php |
121
|
|
|
* |
122
|
|
|
* @param string $hash A hash created by password_hash(). |
123
|
|
|
* |
124
|
|
|
* @return bool Returns TRUE if the hash should be rehashed to match the given algo and options, or FALSE otherwise. |
125
|
|
|
*/ |
126
|
|
|
public function checkForRehash(string $hash): bool |
127
|
|
|
{ |
128
|
|
|
return password_needs_rehash($hash, PASSWORD_DEFAULT); |
129
|
|
|
} |
130
|
|
|
} |