diff options
Diffstat (limited to 'plugins/UsersManager/UsersManager.php')
-rw-r--r-- | plugins/UsersManager/UsersManager.php | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/plugins/UsersManager/UsersManager.php b/plugins/UsersManager/UsersManager.php index 4f72e98775..a844aee258 100644 --- a/plugins/UsersManager/UsersManager.php +++ b/plugins/UsersManager/UsersManager.php @@ -12,6 +12,7 @@ use Exception; use Piwik\Access\Role\Admin; use Piwik\Access\Role\Write; use Piwik\API\Request; +use Piwik\Auth\Password; use Piwik\Common; use Piwik\Option; use Piwik\Piwik; @@ -197,11 +198,27 @@ class UsersManager extends \Piwik\Plugin public static function getPasswordHash($password) { + self::checkBasicPasswordStrength($password); + // if change here, should also edit the installation process // to change how the root pwd is saved in the config file return md5($password); } + public static function checkBasicPasswordStrength($password) + { + $ex = new \Exception('This password is too weak, please supply another value or reset it.'); + + $numDistinctCharacters = strlen(count_chars($password, 3)); + if ($numDistinctCharacters < 2) { + throw $ex; + } + + if (strlen($password) < 6) { + throw $ex; + } + } + /** * Checks the password hash length. Used as a sanity check. * |