1<?php
2
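/**
 * Check if a password is extremely common. Preventing use of the most common
 * passwords is an attempt to mitigate slow botnet attacks against an entire
 * userbase. See T4143 for discussion.
 *
 * This is purely a membership test against a fixed wordlist: passing it says
 * nothing about length or entropy, so it complements rather than replaces
 * other password rules.
 *
 * @task common Checking Common Passwords
 */
final class PhabricatorCommonPasswords extends Phobject {


/* -(  Checking Common Passwords  )------------------------------------------ */


  /**
   * Check if a password is extremely common.
   *
   * The comparison is case-insensitive: wordlist entries and the candidate
   * password are both lowercased before the lookup, so "Password" and
   * "PASSWORD" are rejected along with "password".
   *
   * @param string $password Password to test.
   * @return bool True if the password is pathologically weak.
   *
   * @task common
   */
  public static function isCommonPassword($password) {
    // Cache the parsed wordlist for the lifetime of the process so the file
    // is read and parsed at most once.
    static $list;
    if ($list === null) {
      $list = self::loadWordlist();
    }

    return isset($list[strtolower($password)]);
  }


  /**
   * Load the common password wordlist.
   *
   * Reads `externals/wordlist/password.lst` relative to the library root,
   * drops the `#!comment:` header lines, lowercases every remaining entry and
   * adds a few application-specific words (product and feature names) that
   * are obvious guesses against this install in particular.
   *
   * @return map<string, bool> Map of lowercased common passwords to `true`.
   *
   * @task common
   */
  private static function loadWordlist() {
    $root = dirname(phutil_get_library_root('phabricator'));
    $file = $root.'/externals/wordlist/password.lst';
    $data = Filesystem::readFile($file);

    $words = phutil_split_lines($data, $retain_endings = false);

    $map = array();
    foreach ($words as $word) {
      // The wordlist file has some comments at the top, strip those out. A
      // plain prefix comparison is equivalent to the anchored regex and avoids
      // a regex evaluation per line.
      if (strncmp($word, '#!comment:', 10) === 0) {
        continue;
      }
      $map[strtolower($word)] = true;
    }

    // Add in some application-specific passwords. The values are all `true`,
    // so whether the wordlist or this array wins on a duplicate key makes no
    // difference to lookups.
    $map += array(
      'phabricator' => true,
      'phab' => true,
      'devtools' => true,
      'differential' => true,
      'codereview' => true,
      'review' => true,
    );

    return $map;
  }

}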