FEATURE: new setting min_admin_password_length and better default
This commit is contained in:
parent
c15c483931
commit
50e65634d7
|
@ -37,7 +37,7 @@
|
|||
<p>
|
||||
<span style="display: none;"><input name="username" type="text" value="<%= @user.username %>"></span>
|
||||
<input id="user_password" name="password" size="30" type="password" maxlength="<%= User.max_password_length %>" onkeypress="capsLock(event)">
|
||||
<label><%= t('js.user.password.instructions', count: SiteSetting.min_password_length) %></label>
|
||||
<label><%= t('js.user.password.instructions', count: @user.admin? ? SiteSetting.min_admin_password_length : SiteSetting.min_password_length) %></label>
|
||||
</p>
|
||||
<div id="capsLockWarning" class="caps-lock-warning" style="visibility:hidden"><i class="fa fa-exclamation-triangle"></i> <%= t 'js.login.caps_lock_warning' %></div>
|
||||
<p>
|
||||
|
|
|
@ -915,6 +915,7 @@ en:
|
|||
reserved_usernames: "Usernames for which signup is not allowed."
|
||||
|
||||
min_password_length: "Minimum password length."
|
||||
min_admin_password_length: "Minimum password length for Admin."
|
||||
block_common_passwords: "Don't allow passwords that are in the 10,000 most common passwords."
|
||||
|
||||
enable_sso: "Enable single sign on via an external site (WARNING: USERS' EMAIL ADDRESSES *MUST* BE VALIDATED BY THE EXTERNAL SITE!)"
|
||||
|
|
|
@ -292,7 +292,11 @@ users:
|
|||
default: "admin|moderator|administrator|mod|sys|system|community|info|you|name|username|user|nickname|discourse|discourseorg|discourseforum|support"
|
||||
min_password_length:
|
||||
client: true
|
||||
default: 8
|
||||
default: 10
|
||||
min: 1
|
||||
min_admin_password_length:
|
||||
client: true
|
||||
default: 15
|
||||
min: 1
|
||||
block_common_passwords: true
|
||||
enforce_global_nicknames:
|
||||
|
|
|
@ -6,6 +6,8 @@ class PasswordValidator < ActiveModel::EachValidator
|
|||
return unless record.password_required?
|
||||
if value.nil?
|
||||
record.errors.add(attribute, :blank)
|
||||
elsif value.length < SiteSetting.min_admin_password_length && record.admin?
|
||||
record.errors.add(attribute, :too_short, count: SiteSetting.min_admin_password_length)
|
||||
elsif value.length < SiteSetting.min_password_length
|
||||
record.errors.add(attribute, :too_short, count: SiteSetting.min_password_length)
|
||||
elsif record.username.present? && value == record.username
|
||||
|
|
|
@ -40,6 +40,15 @@ describe PasswordValidator do
|
|||
validate
|
||||
expect(record.errors[:password]).to be_present
|
||||
end
|
||||
|
||||
it "adds an error when user is admin and password is less than 15 chars" do
|
||||
SiteSetting.min_admin_password_length = 15
|
||||
|
||||
@password = "12345678912"
|
||||
record.admin = true
|
||||
validate
|
||||
expect(record.errors[:password]).to be_present
|
||||
end
|
||||
end
|
||||
|
||||
context "min password length is 12" do
|
||||
|
@ -55,6 +64,7 @@ describe PasswordValidator do
|
|||
|
||||
context "password is commonly used" do
|
||||
before do
|
||||
SiteSetting.stubs(:min_password_length).returns(8)
|
||||
CommonPasswords.stubs(:common_password?).returns(true)
|
||||
end
|
||||
|
||||
|
@ -74,7 +84,7 @@ describe PasswordValidator do
|
|||
end
|
||||
|
||||
it "adds an error when password is the same as the username" do
|
||||
@password = "porkchops1"
|
||||
@password = "porkchops1234"
|
||||
record.username = @password
|
||||
validate
|
||||
expect(record.errors[:password]).to be_present
|
||||
|
|
|
@ -723,7 +723,7 @@ describe UsersController do
|
|||
context "with values for the fields" do
|
||||
let(:create_params) { {
|
||||
name: @user.name,
|
||||
password: 'watwatwat',
|
||||
password: 'watwatwatwat',
|
||||
username: @user.username,
|
||||
email: @user.email,
|
||||
user_fields: {
|
||||
|
@ -773,7 +773,7 @@ describe UsersController do
|
|||
context "without values for the fields" do
|
||||
let(:create_params) { {
|
||||
name: @user.name,
|
||||
password: 'watwatwat',
|
||||
password: 'watwatwatwat',
|
||||
username: @user.username,
|
||||
email: @user.email,
|
||||
} }
|
||||
|
@ -793,7 +793,7 @@ describe UsersController do
|
|||
let!(:staged) { Fabricate(:staged, email: "staged@account.com") }
|
||||
|
||||
it "succeeds" do
|
||||
xhr :post, :create, email: staged.email, username: "zogstrip", password: "P4ssw0rd"
|
||||
xhr :post, :create, email: staged.email, username: "zogstrip", password: "P4ssw0rd$$"
|
||||
result = ::JSON.parse(response.body)
|
||||
expect(result["success"]).to eq(true)
|
||||
expect(User.find_by(email: staged.email).staged).to eq(false)
|
||||
|
|
Loading…
Reference in New Issue