Skip to content

By default enable HIBP check #148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
rullzer wants to merge 3 commits into from
Closed

By default enable HIBP check #148

rullzer wants to merge 3 commits into from

Conversation

@rullzer
Copy link
Member

@rullzer rullzer commented Apr 12, 2021

Signed-off-by: Roeland Jago Douma [email protected]

@rullzer rullzer added this to the Nextcloud 22 milestone Apr 12, 2021
@rullzer rullzer requested a review from LukasReschke April 12, 2021 17:56
@rullzer
By default enable HIBP check
2868152 
Signed-off-by: Roeland Jago Douma <[email protected]>
@MorrisJobke MorrisJobke mentioned this pull request May 20, 2021
Merged
@MorrisJobke
Copy link
Member

MorrisJobke commented May 21, 2021

@LukasReschke 🏓

@LukasReschke
Copy link
Member

LukasReschke commented May 25, 2021

I think we can do this but we should also check for has_internet_connection here:

password_policy/lib/Validator/HIBPValidator.php

Lines 63 to 76 in 37b2f4e

try {
$response = $client->get(
'https://api.pwnedpasswords.com/range/' . $range,
[
'timeout' => 5,
'headers' => [
'Add-Padding' => 'true'
]
]
);
} catch (\Exception $e) {
$this->logger->logException($e, ['level' => ILogger::INFO]);
return;
}

@LukasReschke LukasReschke self-assigned this May 25, 2021
@LukasReschke
Copy link
Member

LukasReschke commented May 25, 2021

Actually I moved this a directly into the config check, this also makes it more obvious for admins in the UI that somehow HIBP is not enabled :)

c735836

@MorrisJobke 🏓

LukasReschke
LukasReschke approved these changes May 25, 2021
View reviewed changes
Copy link
Member

@LukasReschke LukasReschke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reasonable for 22

MorrisJobke
MorrisJobke reviewed May 25, 2021
View reviewed changes
@MorrisJobke
Fix code style
e2ce0ac 
Signed-off-by: Morris Jobke <[email protected]>
@MorrisJobke
Copy link
Member

MorrisJobke commented May 25, 2021

Okay - this is somehow merged into master but not marked in this PR: f356c91

@LukasReschke LukasReschke deleted the enh/default_hipb_check branch May 25, 2021 15:19
@MorrisJobke MorrisJobke mentioned this pull request May 26, 2021
Merged
98 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MorrisJobke MorrisJobke MorrisJobke approved these changes

@LukasReschke LukasReschke LukasReschke approved these changes

Assignees

@LukasReschke LukasReschke

Labels

None yet

Projects

None yet

Milestone

Nextcloud 22

Development

Successfully merging this pull request may close these issues.

4 participants

@rullzer @MorrisJobke @LukasReschke