password validation working

Ozzieisaacs 2022-06-16 11:15:17 +02:00
parent d6a31e5db8
commit 04326af2da
5 changed files with 28 additions and 15 deletions


@ -1778,7 +1778,7 @@ def _configuration_update_helper():
_config_checkbox(to_save, "config_password_upper")
_config_checkbox(to_save, "config_password_special")
_config_int(to_save, "config_password_min_length")
_config_int(to_save, "config_session")
reboot_required |= _config_int(to_save, "config_session")
# Rarfile Content configuration
_config_string(to_save, "config_rarfile_location")
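Review bot: The reason `config_session` now flags a reboot while the password-policy settings handled just above it do not is not recorded anywhere in the hunk; presumably the session lifetime is only read when the app starts, but that is an inference. A short comment on the new line would save the next reader from guessing, e.g. `# session lifetime is applied at startup, so a change only takes effect after a restart`. The line also relies on `_config_int` returning a value that can be OR-ed into `reboot_required`; its definition is outside this hunk, so confirm it never returns None. `_configuration_update_helper` starts before and continues after the hunk.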


@ -25,10 +25,6 @@ var i18n = {};
wordTwoCharacterClasses: 'Use different character classes',
wordRepetitions: 'Too many repetitions',
wordSequences: 'Your password contains sequences',
// wordLowercase: "Use at least one lowercase character",
// wordUppercase: "Use at least one uppercase character",
// wordOneNumber: "Use at least one number",
// wordOneSpecialChar: "Use at least one special character",
errorList: 'Errors:',
veryWeak: 'Very Weak',
weak: 'Weak',
@ -376,7 +372,7 @@ defaultOptions.rules.activated = {
wordIsACommonPassword: true
};
defaultOptions.rules.raisePower = 1.4;
defaultOptions.rules.specialCharClass = '[!,@,#,$,%,^,&,*,?,_,~]';
defaultOptions.rules.specialCharClass = "(?=.*?[^A-Za-z\s0-9])"; //'[!,@,#,$,%,^,&,*,?,_,~]';
// List taken from https://github.com/danielmiessler/SecLists (MIT License)
defaultOptions.rules.commonPasswords = [
'123456',
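Review bot: The `\s` in the new `defaultOptions.rules.specialCharClass = "(?=.*?[^A-Za-z\s0-9])"` line sits in a double-quoted JavaScript string, where an unrecognised escape just drops the backslash, so the regex engine receives `[^A-Za-zs0-9]` and whitespace counts as a special character; the same pattern in the other script of this commit is written with a doubled backslash. Change the line to `defaultOptions.rules.specialCharClass = "(?=.*?[^A-Za-z\\s0-9])";`. Whether the library uses this value as a complete regex (lookahead included) or splices it into a larger pattern is not visible in the hunk, and the trailing comment only preserves the old value; a comment such as `// lookahead form: requires one char that is not a letter, digit or whitespace` would explain the change better.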


@ -37,20 +37,21 @@ $(document).ready(function() {
showVerdicts: false,
}
options.rules= {
specialCharClass: "(?=.*?[^A-Za-z\\s0-9])",
activated: {
wordNotEmail: false,
wordMinLength: $('#password').data("min") ? true : false,
wordMinLength: $('#password').data("min"),
// wordMaxLength: false,
// wordInvalidChar: true,
wordSimilarToUsername: false,
wordSequences: false,
wordTwoCharacterClasses: false,
wordRepetitions: false,
wordLowercase: $('#password').data("lower") ? true : false,
wordUppercase: $('#password').data("upper") ? true : false,
wordOneNumber: $('#password').data("number") ? true : false,
wordLowercase: $('#password').data("lower") === "True" ? true : false,
wordUppercase: $('#password').data("upper") === "True" ? true : false,
wordOneNumber: $('#password').data("number") === "True" ? true : false,
wordThreeNumbers: false,
wordOneSpecialChar: $('#password').data("special") ? true : false,
wordOneSpecialChar: $('#password').data("special") === "True" ? true : false,
// wordTwoSpecialChar: true,
wordUpperLowerCombo: false,
wordLetterNumberCombo: false,
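Review bot: The new `=== "True"` comparisons on the `wordLowercase`, `wordUppercase`, `wordOneNumber` and `wordOneSpecialChar` lines couple this script to the server rendering a Python boolean as the literal string `True`; jQuery's `.data()` coerces lowercase `"true"`/`"false"` to booleans but leaves `"True"` as a string, so the comparison works only as long as the template keeps that exact rendering, which is not visible here. That coupling deserves a comment, e.g. `// data-* flags are rendered from Python booleans, so they arrive as the strings "True"/"False"`. The `? true : false` after an `===` is redundant, and `$('#password')` is looked up six times; a single `var pw = $('#password');` before `options.rules` and entries like `wordLowercase: pw.data("lower") === "True",` would read more clearly. The enclosing `$(document).ready` callback starts before and continues after the hunk.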


@ -400,7 +400,6 @@
</div>
</div>
</div>
</div>
</div>
<div class="col-sm-12">
<button type="button" name="submit" id="config_submit" class="btn btn-default">{{_('Save')}}</button>


@ -23,6 +23,7 @@ import json
import mimetypes
import chardet # dependency of requests
import copy
import re
from flask import Blueprint, jsonify
from flask import request, redirect, send_from_directory, make_response, flash, abort, url_for
@ -55,6 +56,7 @@ from .kobo_sync_status import remove_synced_book
from .render_template import render_title_template
from .kobo_sync_status import change_archived_books
feature_support = {
'ldap': bool(services.ldap),
'goodreads': bool(services.goodreads_support),
@ -1355,10 +1357,25 @@ def logout():
def change_profile(kobo_support, local_oauth_check, oauth_status, translations, languages):
to_save = request.form.to_dict()
current_user.random_books = 0
if current_user.role_passwd() or current_user.role_admin():
if to_save.get("password"):
current_user.password = generate_password_hash(to_save.get("password"))
try:
if current_user.role_passwd() or current_user.role_admin():
if to_save.get("password"):
if config.config_password_policy:
verify = ""
if config.config_password_min_length > 0:
verify += "^(?=\S{" + str(config.config_password_min_length) + ",}$)"
if config.config_password_number:
verify += "(?=.*?\d)"
if config.config_password_lower:
verify += "(?=.*?[a-z])"
if config.config_password_upper:
verify += "(?=.*?[A-Z])"
if config.config_password_special:
verify += "(?=.*?[^A-Za-z\s0-9])"
match = re.match(verify, to_save.get("password"))
if not match:
raise Exception(_("Password doesn't comply with password validation rules"))
current_user.password = generate_password_hash(to_save.get("password"))
if to_save.get("kindle_mail", current_user.kindle_mail) != current_user.kindle_mail:
current_user.kindle_mail = valid_email(to_save.get("kindle_mail"))
if to_save.get("email", current_user.email) != current_user.email:
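Review bot: The pattern fragments added in `change_profile` use `\S`, `\d` and `\s` inside ordinary string literals, which are invalid escape sequences in Python; the backslash survives today with a DeprecationWarning (a SyntaxWarning from 3.12), so write them as raw strings: `verify += r"^(?=\S{" + str(config.config_password_min_length) + ",}$)"`, `verify += r"(?=.*?\d)"` and `verify += r"(?=.*?[^A-Za-z\s0-9])"`. The min-length fragment also makes `\S{n,}$` the whole-string condition, so a password containing any whitespace fails the length rule rather than only being counted shorter; if that is intended, a comment like `# min-length rule also rejects whitespace anywhere in the password` would make it explicit. Raising a bare `Exception` for a policy failure means whatever `except` follows the `try:` opened above (outside this hunk) must also be catching unrelated errors from `generate_password_hash` and the email validation with the same handling; a dedicated exception type, or a `flash` plus early return before hashing, would keep the policy failure distinguishable. Having the check on the server is the right place for it, since the JavaScript rules elsewhere in this commit are only advisory. `change_profile` continues past the end of the hunk.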