Příručka:$wgPasswordConfig
| Přihlášení: $wgPasswordConfig | |
|---|---|
| Konfigurace pro vestavěné typy hesel. |
|
| Zavedeno od verze: | 1.24.0 (Gerrit change 77645; git #95a8974c) |
| Odstraněno od verze: | stále se používá |
| Povolené hodnoty: | (pole) |
| Výchozí hodnota: | viz níže |
| Další nastavení: Podle abecedy | Podle funkce | |
Podrobnosti
Konfigurace pro vestavěné typy hesel.
Mapuje typ hesla na řadu možností:
- class - Třída Password, která se má použít.
- factory (zavedeno od 1.40) - Funkce, která vytvoří a vrátí vhodný objekt Password. Tato možnost je určena pouze pro interní použití. Podpis funkce je nestabilní a v budoucích verzích se může změnit.
Všechny ostatní možnosti jsou závislé na třídě.
Výchozí
| Verze MediaWiki: | ≥ 1.43 |
$wgPasswordConfig = [
'A' => [
'class' => MWOldPassword::class,
],
'B' => [
'class' => MWSaltedPassword::class,
],
'pbkdf2-legacyA' => [
'class' => LayeredParameterizedPassword::class,
'types' => [
'A',
'pbkdf2',
],
],
'pbkdf2-legacyB' => [
'class' => LayeredParameterizedPassword::class,
'types' => [
'B',
'pbkdf2',
],
],
'bcrypt' => [
'class' => BcryptPassword::class,
'cost' => 9,
],
'pbkdf2' => [
'class' => Pbkdf2PasswordUsingOpenSSL::class,
'algo' => 'sha512',
'cost' => '30000',
'length' => '64',
],
'argon2' => [ // 1.33+
'class' => Argon2Password::class,
// Algorithm used:
// * 'argon2i' is optimized against side-channel attacks (PHP 7.2+)
// * 'argon2id' is optimized against both side-channel and GPU cracking (PHP 7.3+)
// * 'auto' to use the best available algorithm. If you're using more than one server, be
// careful when you're mixing PHP versions because newer PHP might generate hashes that
// older versions would not understand.
'algo' => 'auto',
// The parameters below are the same as options accepted by password_hash().
// Set them to override that function's defaults.
//
// 'memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
// 'time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST,
// 'threads' => PASSWORD_ARGON2_DEFAULT_THREADS,
],
];
| Verze MediaWiki: | 1.40 – 1.42 |
$wgPasswordConfig = [
'A' => [
'class' => MWOldPassword::class,
],
'B' => [
'class' => MWSaltedPassword::class,
],
'pbkdf2-legacyA' => [
'class' => LayeredParameterizedPassword::class,
'types' => [
'A',
'pbkdf2',
],
],
'pbkdf2-legacyB' => [
'class' => LayeredParameterizedPassword::class,
'types' => [
'B',
'pbkdf2',
],
],
'bcrypt' => [
'class' => BcryptPassword::class,
'cost' => 9,
],
'pbkdf2' => [
'factory' => [ AbstractPbkdf2Password::class, 'newInstance' ],
'algo' => 'sha512',
'cost' => '30000',
'length' => '64',
],
'argon2' => [ // 1.33+
'class' => Argon2Password::class,
// Algorithm used:
// * 'argon2i' is optimized against side-channel attacks (PHP 7.2+)
// * 'argon2id' is optimized against both side-channel and GPU cracking (PHP 7.3+)
// * 'auto' to use the best available algorithm. If you're using more than one server, be
// careful when you're mixing PHP versions because newer PHP might generate hashes that
// older versions would not understand.
'algo' => 'auto',
// The parameters below are the same as options accepted by password_hash().
// Set them to override that function's defaults.
//
// 'memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
// 'time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST,
// 'threads' => PASSWORD_ARGON2_DEFAULT_THREADS,
],
];
| Verze MediaWiki: | 1.33 – 1.39 |
$wgPasswordConfig = [
'A' => [
'class' => MWOldPassword::class,
],
'B' => [
'class' => MWSaltedPassword::class,
],
'pbkdf2-legacyA' => [
'class' => LayeredParameterizedPassword::class,
'types' => [
'A',
'pbkdf2',
],
],
'pbkdf2-legacyB' => [
'class' => LayeredParameterizedPassword::class,
'types' => [
'B',
'pbkdf2',
],
],
'bcrypt' => [
'class' => BcryptPassword::class,
'cost' => 9,
],
'pbkdf2' => [
'class' => Pbkdf2Password::class,
'algo' => 'sha512',
'cost' => '30000',
'length' => '64',
],
'argon2' => [ // 1.33+
'class' => Argon2Password::class,
// Algorithm used:
// * 'argon2i' is optimized against side-channel attacks (PHP 7.2+)
// * 'argon2id' is optimized against both side-channel and GPU cracking (PHP 7.3+)
// * 'auto' to use the best available algorithm. If you're using more than one server, be
// careful when you're mixing PHP versions because newer PHP might generate hashes that
// older versions would not understand.
'algo' => 'auto',
// The parameters below are the same as options accepted by password_hash().
// Set them to override that function's defaults.
//
// 'memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST,
// 'time_cost' => PASSWORD_ARGON2_DEFAULT_TIME_COST,
// 'threads' => PASSWORD_ARGON2_DEFAULT_THREADS,
],
];
| Verze MediaWiki: | 1.31 – 1.32 |
$wgPasswordConfig = [
'A' => [
'class' => MWOldPassword::class,
],
'B' => [
'class' => MWSaltedPassword::class,
],
'pbkdf2-legacyA' => [
'class' => LayeredParameterizedPassword::class,
'types' => [
'A',
'pbkdf2',
],
],
'pbkdf2-legacyB' => [
'class' => LayeredParameterizedPassword::class,
'types' => [
'B',
'pbkdf2',
],
],
'bcrypt' => [
'class' => BcryptPassword::class,
'cost' => 9,
],
'pbkdf2' => [
'class' => Pbkdf2Password::class,
'algo' => 'sha512',
'cost' => '30000',
'length' => '64',
],
];
| Verze MediaWiki: | 1.24 – 1.30 |
$wgPasswordConfig = [
'A' => [
'class' => 'MWOldPassword',
],
'B' => [
'class' => 'MWSaltedPassword',
],
'pbkdf2-legacyA' => [
'class' => 'LayeredParameterizedPassword',
'types' => [
'A',
'pbkdf2',
],
],
'pbkdf2-legacyB' => [
'class' => 'LayeredParameterizedPassword',
'types' => [
'B',
'pbkdf2',
],
],
'bcrypt' => [
'class' => 'BcryptPassword',
'cost' => 9,
],
'pbkdf2' => [
'class' => 'Pbkdf2Password',
'algo' => 'sha512',
'cost' => '30000',
'length' => '64',
],
];
Příklad
Následující příklad ukazuje, jak lze do souboru LocalSettings.php přidat uživatelská šifrování hesel:
$wgPasswordConfig['bcrypt-peppered'] = [
'class' => 'EncryptedPassword',
'underlying' => 'bcrypt',
'secrets' => array(),
'cipher' => MCRYPT_RIJNDAEL_256,
'mode' => MCRYPT_MODE_CBC,
'cost' => 5,
];