Commit d0c71898 authored by Thomas Löffler

Merge branch 'master' into 'master'

# Conflicts:
#   Classes/Utilities/PasswordExpirationUtility.php
parents b2d4b44d 08b06acf
<?php
namespace SpoonerWeb\BeSecurePw\Configuration;
/*
* This file is part of a TYPO3 extension.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
/**
* Class ExtensionConfiguration
*
* @author Thomas Löffler <loeffler@spooner-web.de>
*/
class ExtensionConfiguration
{
public static function getExtensionConfig(): ?array
{
return \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Core\Configuration\ExtensionConfiguration::class)
->get('be_secure_pw');
}
}
\ No newline at end of file
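Review bot: The `?array` return type on `getExtensionConfig()` advertises a null that nothing downstream handles, and the method has no docblock saying what it can return or throw. It passes through whatever the core `ExtensionConfiguration::get('be_secure_pw')` yields, and as far as I know that call raises `ExtensionConfigurationExtensionNotConfiguredException` when no configuration is stored rather than returning null. The callers touched in this commit index the result directly (`$extConf['passwordLength']`, `$extConf['validUntil']`, `$extConf['forcePasswordChange']`), including the closure in ext_localconf.php that runs on every request. I would add a docblock with `@return array the be_secure_pw settings` and an `@throws` line for the core exceptions, and settle in this one place what a missing configuration means; for a password policy it should not silently become "no checks".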
......@@ -33,7 +33,6 @@ class PasswordEvaluator
const PATTERN_CAPITAL_CHAR = '/[A-Z]/';
const PATTERN_DIGIT = '/[0-9]/';
const PATTERN_SPECIAL_CHAR = '/[^0-9a-z]/i';
const PATTERN_MD5 = '/[0-9abcdef]{32,32}/';
/**
* This function just return the field value as it is. No transforming,
......@@ -54,6 +53,7 @@ class PasswordEvaluator
* @param integer $set Determines if the field can be set (value correct) or not
* @param boolean $storeFlashMessageInSession Used only for phpunit issues
* @return string The new value of the field
* @throws \TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException
*/
public function evaluateFieldValue(
string $value,
......@@ -62,7 +62,7 @@ class PasswordEvaluator
bool $storeFlashMessageInSession = true
): string {
$confArr = $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw'];
$extConf = \SpoonerWeb\BeSecurePw\Configuration\ExtensionConfiguration::getExtensionConfig();
/** @var \TYPO3\CMS\Core\DataHandling\DataHandler $tce */
$tce = Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Core\DataHandling\DataHandler::class);
......@@ -85,8 +85,8 @@ class PasswordEvaluator
$messages = [];
// check for password length
$passwordLength = (int)$confArr['passwordLength'];
if ($confArr['passwordLength'] && $passwordLength && strlen($value) < $confArr['passwordLength']) {
$passwordLength = (int)$extConf['passwordLength'];
if ($extConf['passwordLength'] && $passwordLength && strlen($value) < $extConf['passwordLength']) {
/* password too short */
$set = false;
$logger->error(
......@@ -106,7 +106,7 @@ class PasswordEvaluator
];
foreach ($checks as $index => $pattern) {
if ($confArr[$index]) {
if ($extConf[$index]) {
if (preg_match($pattern, $value) > 0) {
$counter++;
} else {
......@@ -115,9 +115,9 @@ class PasswordEvaluator
}
}
if ($counter < $confArr['patterns']) {
if ($counter < $extConf['patterns']) {
/* password does not fit all conventions */
$ignoredPatterns = $confArr['patterns'] - $counter;
$ignoredPatterns = $extConf['patterns'] - $counter;
$additional = '';
$set = false;
......@@ -143,7 +143,9 @@ class PasswordEvaluator
if ($set) {
// Hash password before storing it
$hashInstance = Utility\GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
$value = $hashInstance->getHashedPassword($value);
if ($hashInstance->isHashUpdateNeeded($value)) {
$value = $hashInstance->getHashedPassword($value);
}
return $value;
}
......@@ -160,5 +162,4 @@ class PasswordEvaluator
// if password not valid return empty password
return '';
}
}
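Review bot: In the `if ($set)` hunk, `isHashUpdateNeeded($value)` now decides whether the submitted value is hashed at all, but that method is meant to inspect an already stored hash. As rendered, the unconditional `getHashedPassword($value)` line looks like the removed side and the guarded form the new one. If the default 'BE' hash instance returns false for a string that is not one of its own hashes, or if the submitted value is itself shaped like a current-format hash, the value is returned and stored without being hashed, and the length and pattern checks above were run against that string. Unless a caller is known to pass pre-hashed values here, I would keep `$value = $hashInstance->getHashedPassword($value);` unconditional. If the guard is intentional, add a comment such as `// value may already be hashed by <caller>` and test with `isValidSaltedPW($value)` rather than `isHashUpdateNeeded()`. The body of `evaluateFieldValue` continues outside the visible hunks, so the path by which `$value` arrives here should be confirmed.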
......@@ -72,7 +72,7 @@ class BackendHook
];
// get configuration of a secure password
$extConf = $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS']['be_secure_pw'];
$extConf = \SpoonerWeb\BeSecurePw\Configuration\ExtensionConfiguration::getExtensionConfig();
$labelsForJS = 'TYPO3.lang.beSecurePw = ' . json_encode($generatedLabels) . ';';
......
......@@ -60,6 +60,9 @@ class PasswordExpirationUtility
$lastPwChange = (int)$beUser['tx_besecurepw_lastpwchange'];
$lastLogin = (int)$beUser['lastlogin'];
// get configuration of a secure password
$extConf = \SpoonerWeb\BeSecurePw\Configuration\ExtensionConfiguration::getExtensionConfig();
$validUntilConfiguration = trim($extConf['validUntil']);
$validUntil = 0;
......
......@@ -22,6 +22,7 @@ $tempColumns = [
'type' => 'input',
'size' => 12,
'eval' => 'datetime',
'renderType' => 'inputDateTime',
'default' => 0
]
],
......
......@@ -27,9 +27,9 @@
},
"require": {
"php": "^7.2",
"typo3/cms-core": "^9.5",
"typo3/cms-setup": "^9.5",
"typo3/cms-beuser": "^9.5"
"typo3/cms-core": "^9.5 || ^10.0",
"typo3/cms-setup": "^9.5 || ^10.0",
"typo3/cms-beuser": "^9.5 || ^10.0"
},
"autoload": {
"psr-4": {
......
......@@ -13,7 +13,7 @@ $EM_CONF[$_EXTKEY] = [
'description' => 'You can set password conventions to force secure passwords for BE users.',
'category' => 'be',
'shy' => 0,
'version' => '9.0.2-dev',
'version' => '9.1.0',
'priority' => '',
'loadOrder' => '',
'module' => '',
......@@ -26,7 +26,7 @@ $EM_CONF[$_EXTKEY] = [
'constraints' => [
'depends' => [
'php' => '7.2',
'typo3' => '9.5.7 - 9.5.99',
'typo3' => '9.5.7 - 10.99.99',
],
'conflicts' => [],
'suggests' => [],
......
......@@ -2,7 +2,7 @@
defined('TYPO3_MODE') || die('Access denied.');
use SpoonerWeb\BeSecurePw;
$boot = function ($extensionKey) {
$boot = function () {
// here we register "PasswordEvaluator"
// for editing by tca form
......@@ -21,13 +21,15 @@ $boot = function ($extensionKey) {
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass']['be_secure_pw'] =
BeSecurePw\Hook\BackendHook::class;
$extConf = $GLOBALS['TYPO3_CONF_VARS']['EXTENSIONS'][$extensionKey];
$extConf = \SpoonerWeb\BeSecurePw\Configuration\ExtensionConfiguration::getExtensionConfig();
// execution of is hook only needed in backend, but it is in the abstract class and could also be executed
// from frontend otherwise if the backend is set to adminOnly, we can not enforce the change,
// because the hook removes the admin flag
if (!empty($extConf['forcePasswordChange']) && TYPO3_MODE === 'BE'
&& (int)$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] === 0) {
if (!empty($extConf['forcePasswordChange'])
&& TYPO3_MODE === 'BE'
&& (int)$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] === 0
) {
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_pagerenderer.php']['render-postProcess'][] =
BeSecurePw\Hook\RestrictModulesHook::class . '->addRefreshJavaScript';
......@@ -36,5 +38,5 @@ $boot = function ($extensionKey) {
}
};
$boot($_EXTKEY);
$boot();
unset($boot);