[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  /**
   4   * Joomla! Content Management System
   5   *
   6   * @copyright  (C) 2017 Open Source Matters, Inc. <https://www.joomla.org>
   7   * @license    GNU General Public License version 2 or later; see LICENSE.txt
   8   */
   9  
  10  namespace Joomla\CMS\Authentication\Password;
  11  
  12  use Joomla\Authentication\Password\HandlerInterface;
  13  
  14  // phpcs:disable PSR1.Files.SideEffects
  15  \defined('JPATH_PLATFORM') or die;
  16  // phpcs:enable PSR1.Files.SideEffects
  17  
  18  /**
  19   * Password handler for PHPass hashed passwords
  20   *
  21   * @since       4.0.0
  22   * @deprecated  5.0  Support for PHPass hashed passwords will be removed
  23   */
  24  class PHPassHandler implements HandlerInterface, CheckIfRehashNeededHandlerInterface
  25  {
  26      /**
  27       * Check if the password requires rehashing
  28       *
  29       * @param   string  $hash  The password hash to check
  30       *
  31       * @return  boolean
  32       *
  33       * @since   4.0.0
  34       */
  35      public function checkIfRehashNeeded(string $hash): bool
  36      {
  37          return true;
  38      }
  39  
  40      /**
  41       * Generate a hash for a plaintext password
  42       *
  43       * @param   string  $plaintext  The plaintext password to validate
  44       * @param   array   $options    Options for the hashing operation
  45       *
  46       * @return  string
  47       *
  48       * @since   4.0.0
  49       */
  50      public function hashPassword($plaintext, array $options = [])
  51      {
  52          return $this->getPasswordHash()->HashPassword($plaintext);
  53      }
  54  
  55      /**
  56       * Check that the password handler is supported in this environment
  57       *
  58       * @return  boolean
  59       *
  60       * @since   4.0.0
  61       */
  62      public static function isSupported()
  63      {
  64          return class_exists(\PasswordHash::class);
  65      }
  66  
  67      /**
  68       * Validate a password
  69       *
  70       * @param   string  $plaintext  The plain text password to validate
  71       * @param   string  $hashed     The password hash to validate against
  72       *
  73       * @return  boolean
  74       *
  75       * @since   4.0.0
  76       */
  77      public function validatePassword($plaintext, $hashed)
  78      {
  79          return $this->getPasswordHash()->CheckPassword($plaintext, $hashed);
  80      }
  81  
  82      /**
  83       * Get an instance of the PasswordHash class
  84       *
  85       * @return  \PasswordHash
  86       *
  87       * @since   4.0.0
  88       */
  89      private function getPasswordHash(): \PasswordHash
  90      {
  91          return new \PasswordHash(10, true);
  92      }
  93  }