diff options
| author | Brad Jorsch <bjorsch@wikimedia.org> | 2015-09-04 12:17:42 -0400 |
|---|---|---|
| committer | Bryan Davis <bd808@wikimedia.org> | 2015-10-13 16:10:41 -0600 |
| commit | 3d0b4fea3dfb94610be0f0e9d8ff1cb24f106707 (patch) | |
| tree | 42fa1f8fc5969c418e91517b290ce95d548e883c /includes/password/PasswordFactory.php | |
| parent | 176e19e26cf94edec92797c9672806dc13635820 (diff) | |
| download | mediawikicore-3d0b4fea3dfb94610be0f0e9d8ff1cb24f106707.tar.gz mediawikicore-3d0b4fea3dfb94610be0f0e9d8ff1cb24f106707.zip | |
User: Mostly remove password handling
AuthManager is coming, which will make it easier to add alternative
methods of authentication. But in order to do that, we need to finally
get around to ripping the password-related bits out of the User class.
The password expiration handling isn't used anywhere in core or
extensions in Gerrit beyond testing for expired passwords on login and
resetting the expiry date on password change. Those bits have been
inlined and the functions removed; AuthManager will allow each
"authentication provider" to handle its own password expiration.
The methods for fetching passwords, including the fact that mPassword
and other fields are public, has also been removed. This is already
broken in combination with basically any extension that messes with
authentication, and the major use outside of that was in creating
system users like MassMessage's "MediaWiki message delivery" user.
Password setting methods are silently deprecated, since most of the
replacements won't be available until AuthManager. But uses in unit
testing can be replaced with TestUser::setPasswordForUser() immediately.
User::randomPassword() and User::getPasswordFactory() don't really
belong in User either. For the former a new PasswordFactory method has
been created, while the latter should just be replaced by the two lines
to create a PasswordFactory via its constructor.
Bug: T47716
Change-Id: I2c736ad72d946fa9b859e6cd335fa58aececc0d5
Diffstat (limited to 'includes/password/PasswordFactory.php')
| -rw-r--r-- | includes/password/PasswordFactory.php | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/includes/password/PasswordFactory.php b/includes/password/PasswordFactory.php index 86a3fefd5887..e1f272b4c3ad 100644 --- a/includes/password/PasswordFactory.php +++ b/includes/password/PasswordFactory.php @@ -188,4 +188,38 @@ final class PasswordFactory { return $password->needsUpdate(); } } + + /** + * Generate a random string suitable for a password + * + * @param int $minLength Minimum length of password to generate + * @return string + */ + public static function generateRandomPasswordString( $minLength = 10 ) { + // Decide the final password length based on our min password length, + // stopping at a minimum of 10 chars. + $length = max( 10, $minLength ); + // Multiply by 1.25 to get the number of hex characters we need + $length = $length * 1.25; + // Generate random hex chars + $hex = MWCryptRand::generateHex( $length ); + // Convert from base 16 to base 32 to get a proper password like string + return wfBaseConvert( $hex, 16, 32 ); + } + + /** + * Create an InvalidPassword + * + * @return InvalidPassword + */ + public static function newInvalidPassword() { + static $password = null; + + if ( $password === null ) { + $factory = new self(); + $password = new InvalidPassword( $factory, array( 'type' => '' ), null ); + } + + return $password; + } } |