You are here

class MigratePassword in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/user/src/MigratePassword.php \Drupal\user\MigratePassword

Replaces the original 'password' service in order to prefix the MD5 re-hashed passwords with the 'U' flag. The new salted hash is recreated on first login similarly to the D6->D7 upgrade path.

Hierarchy

Expanded class hierarchy of MigratePassword

1 file declares its use of MigratePassword
EntityUser.php in core/modules/user/src/Plugin/migrate/destination/EntityUser.php
Contains \Drupal\user\Plugin\migrate\destination\EntityUser.
1 string reference to 'MigratePassword'
user.services.yml in core/modules/user/user.services.yml
core/modules/user/user.services.yml
1 service uses MigratePassword
password_migrate in core/modules/user/user.services.yml
Drupal\user\MigratePassword

File

core/modules/user/src/MigratePassword.php, line 17
Contains \Drupal\user\MigratePassword.

Namespace

Drupal\user
View source
class MigratePassword implements PasswordInterface {

  /**
   * The original password service.
   *
   * @var \Drupal\Core\Password\PasswordInterface
   */
  protected $originalPassword;

  /**
   * Indicates if MD5 password prefixing is enabled.
   */
  protected $enabled = FALSE;

  /**
   * Builds the replacement password service class.
   *
   * @param \Drupal\Core\Password\PasswordInterface $original_password
   *   The password object.
   */
  public function __construct(PasswordInterface $original_password) {
    $this->originalPassword = $original_password;
  }

  /**
   * {@inheritdoc}
   */
  public function check($password, $hash) {
    return $this->originalPassword
      ->check($password, $hash);
  }

  /**
   * {@inheritdoc}
   */
  public function needsRehash($hash) {
    return $this->originalPassword
      ->needsRehash($hash);
  }

  /**
   * {@inheritdoc}
   */
  public function hash($password) {
    $hash = $this->originalPassword
      ->hash($password);

    // Allow prefixing only if the service was asked to prefix. Check also if
    // the $password pattern is conforming to a MD5 result.
    if ($this->enabled && preg_match('/^[0-9a-f]{32}$/', $password)) {
      $hash = 'U' . $hash;
    }
    return $hash;
  }

  /**
   * Enables the MD5 password prefixing.
   */
  public function enableMd5Prefixing() {
    $this->enabled = TRUE;
  }

  /**
   * Disables the MD5 password prefixing.
   */
  public function disableMd5Prefixing() {
    $this->enabled = FALSE;
  }

  /**
   * Implements the PhpassHashedPassword::getCountLog2() method.
   *
   * @todo: Revisit this whole alternate password service:
   *   https://www.drupal.org/node/2540594.
   */
  public function getCountLog2($setting) {
    return $this->originalPassword
      ->getCountLog2($setting);
  }

}

Members

Namesort descending Modifiers Type Description Overrides
MigratePassword::$enabled protected property Indicates if MD5 password prefixing is enabled.
MigratePassword::$originalPassword protected property The original password service.
MigratePassword::check public function Check whether a plain text password matches a hashed password. Overrides PasswordInterface::check
MigratePassword::disableMd5Prefixing public function Disables the MD5 password prefixing.
MigratePassword::enableMd5Prefixing public function Enables the MD5 password prefixing.
MigratePassword::getCountLog2 public function Implements the PhpassHashedPassword::getCountLog2() method.
MigratePassword::hash public function Hash a password using a secure hash. Overrides PasswordInterface::hash
MigratePassword::needsRehash public function Check whether a hashed password needs to be replaced with a new hash. Overrides PasswordInterface::needsRehash
MigratePassword::__construct public function Builds the replacement password service class.
PasswordInterface::PASSWORD_MAX_LENGTH constant Maximum password length.