Implement new password verifier #1187

2025-02-25 18:45:27 -06:00 · 2018-03-08 20:44:56 +01:00 · 2018-03-08 20:44:56 +01:00 · 79d0450c77
commit 79d0450c77
parent bc32bc8831
3 changed files with 77 additions and 20 deletions
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -22,14 +22,13 @@ declare(strict_types=1);

 namespace FireflyIII\Http\Controllers\Auth;

+use DB;
 use FireflyConfig;
 use FireflyIII\Http\Controllers\Controller;
-use FireflyIII\Models\TransactionCurrency;
 use FireflyIII\User;
 use Illuminate\Cookie\CookieJar;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
 use Illuminate\Http\Request;
-use Schema;

 /**
 * @codeCoverageIgnore
@ -123,23 +122,9 @@ class LoginController extends Controller
     */
    public function showLoginForm(Request $request)
    {
-        // check for presence of tables:
-        $hasTable = Schema::hasTable('users');
-
-        if (!$hasTable) {
-            $message
-                = 'Firefly III could not find the "users" table. This is a strong indication your database credentials are wrong or the database has not been initialized. Did you follow the installation instructions correctly?';
-
-            return view('error', compact('message'));
-        }
-
-        // check for presence of currency:
-        $currency = TransactionCurrency::where('code', 'EUR')->first();
-        if (null === $currency) {
-            $message
-                = 'Firefly III could not find the EURO currency. This is a strong indication the database has not been initialized correctly. Did you follow the installation instructions?';
-
-            return view('error', compact('message'));
+        $count = DB::table('users')->count();
+        if ($count === 0) {
+            return redirect(route('register')); // @codeCoverageIgnore
        }

        // forget 2fa session thing.
--- a/app/Providers/FireflyServiceProvider.php
+++ b/app/Providers/FireflyServiceProvider.php
@ -47,6 +47,7 @@ use FireflyIII\Repositories\TransactionType\TransactionTypeRepositoryInterface;
 use FireflyIII\Repositories\User\UserRepository;
 use FireflyIII\Repositories\User\UserRepositoryInterface;
 use FireflyIII\Services\Password\PwndVerifier;
+use FireflyIII\Services\Password\PwndVerifierV2;
 use FireflyIII\Services\Password\Verifier;
 use FireflyIII\Support\Amount;
 use FireflyIII\Support\ExpandedForm;
@ -176,6 +177,6 @@ class FireflyServiceProvider extends ServiceProvider
        $this->app->bind(BudgetReportHelperInterface::class, BudgetReportHelper::class);

        // password verifier thing
-        $this->app->bind(Verifier::class, PwndVerifier::class);
+        $this->app->bind(Verifier::class, PwndVerifierV2::class);
    }
 }
--- a/app/Services/Password/PwndVerifierV2.php
+++ b/app/Services/Password/PwndVerifierV2.php
@ -0,0 +1,71 @@
+<?php
+/**
+ * PwndVerifierV2.php
+ * Copyright (c) 2018 thegrumpydictator@gmail.com
+ *
+ * This file is part of Firefly III.
+ *
+ * Firefly III is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Firefly III is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with Firefly III. If not, see <http://www.gnu.org/licenses/>.
+ */
+declare(strict_types=1);
+
+namespace FireflyIII\Services\Password;
+
+use Log;
+use Requests;
+use Requests_Exception;
+
+/**
+ * Class PwndVerifierV2.
+ */
+class PwndVerifierV2 implements Verifier
+{
+    /**
+     * Verify the given password against (some) service.
+     *
+     * @param string $password
+     *
+     * @return bool
+     */
+    public function validPassword(string $password): bool
+    {
+        $hash   = sha1($password);
+        $prefix = substr($hash, 0, 5);
+        $rest   = substr($hash, 5);
+        $uri    = sprintf('https://api.pwnedpasswords.com/range/%s', $prefix);
+        $opt    = ['useragent' => 'Firefly III v' . config('firefly.version'), 'timeout' => 2];
+
+        Log::debug(sprintf('hash prefix is %s', $prefix));
+        Log::debug(sprintf('rest is %s', $rest));
+
+        try {
+            $result = Requests::get($uri, $opt);
+        } catch (Requests_Exception $e) {
+            return true;
+        }
+        Log::debug(sprintf('Status code returned is %d', $result->status_code));
+        if (404 === $result->status_code) {
+            return true;
+        }
+        $strpos = stripos($result->body, $rest);
+        if ($strpos === false) {
+            Log::debug(sprintf('%s was not found in result body. Return true.', $rest));
+
+            return true;
+        }
+        Log::debug('Could not find %s, return FALSE.');
+
+        return false;
+    }
+}