FEATURE: new setting min_admin_password_length and better default

This commit is contained in:
Arpit Jalan 2016-03-02 14:01:38 +05:30
parent c15c483931
commit 50e65634d7
6 changed files with 23 additions and 6 deletions

View File

@ -37,7 +37,7 @@
<p>
<span style="display: none;"><input name="username" type="text" value="<%= @user.username %>"></span>
<input id="user_password" name="password" size="30" type="password" maxlength="<%= User.max_password_length %>" onkeypress="capsLock(event)">
<label><%= t('js.user.password.instructions', count: SiteSetting.min_password_length) %></label>
<label><%= t('js.user.password.instructions', count: @user.admin? ? SiteSetting.min_admin_password_length : SiteSetting.min_password_length) %></label>
</p>
<div id="capsLockWarning" class="caps-lock-warning" style="visibility:hidden"><i class="fa fa-exclamation-triangle"></i> <%= t 'js.login.caps_lock_warning' %></div>
<p>

View File

@ -915,6 +915,7 @@ en:
reserved_usernames: "Usernames for which signup is not allowed."
min_password_length: "Minimum password length."
min_admin_password_length: "Minimum password length for Admin."
block_common_passwords: "Don't allow passwords that are in the 10,000 most common passwords."
enable_sso: "Enable single sign on via an external site (WARNING: USERS' EMAIL ADDRESSES *MUST* BE VALIDATED BY THE EXTERNAL SITE!)"

View File

@ -292,7 +292,11 @@ users:
default: "admin|moderator|administrator|mod|sys|system|community|info|you|name|username|user|nickname|discourse|discourseorg|discourseforum|support"
min_password_length:
client: true
default: 8
default: 10
min: 1
min_admin_password_length:
client: true
default: 15
min: 1
block_common_passwords: true
enforce_global_nicknames:

View File

@ -6,6 +6,8 @@ class PasswordValidator < ActiveModel::EachValidator
return unless record.password_required?
if value.nil?
record.errors.add(attribute, :blank)
elsif value.length < SiteSetting.min_admin_password_length && record.admin?
record.errors.add(attribute, :too_short, count: SiteSetting.min_admin_password_length)
elsif value.length < SiteSetting.min_password_length
record.errors.add(attribute, :too_short, count: SiteSetting.min_password_length)
elsif record.username.present? && value == record.username

View File

@ -40,6 +40,15 @@ describe PasswordValidator do
validate
expect(record.errors[:password]).to be_present
end
it "adds an error when user is admin and password is less than 15 chars" do
SiteSetting.min_admin_password_length = 15
@password = "12345678912"
record.admin = true
validate
expect(record.errors[:password]).to be_present
end
end
context "min password length is 12" do
@ -55,6 +64,7 @@ describe PasswordValidator do
context "password is commonly used" do
before do
SiteSetting.stubs(:min_password_length).returns(8)
CommonPasswords.stubs(:common_password?).returns(true)
end
@ -74,7 +84,7 @@ describe PasswordValidator do
end
it "adds an error when password is the same as the username" do
@password = "porkchops1"
@password = "porkchops1234"
record.username = @password
validate
expect(record.errors[:password]).to be_present

View File

@ -723,7 +723,7 @@ describe UsersController do
context "with values for the fields" do
let(:create_params) { {
name: @user.name,
password: 'watwatwat',
password: 'watwatwatwat',
username: @user.username,
email: @user.email,
user_fields: {
@ -773,7 +773,7 @@ describe UsersController do
context "without values for the fields" do
let(:create_params) { {
name: @user.name,
password: 'watwatwat',
password: 'watwatwatwat',
username: @user.username,
email: @user.email,
} }
@ -793,7 +793,7 @@ describe UsersController do
let!(:staged) { Fabricate(:staged, email: "staged@account.com") }
it "succeeds" do
xhr :post, :create, email: staged.email, username: "zogstrip", password: "P4ssw0rd"
xhr :post, :create, email: staged.email, username: "zogstrip", password: "P4ssw0rd$$"
result = ::JSON.parse(response.body)
expect(result["success"]).to eq(true)
expect(User.find_by(email: staged.email).staged).to eq(false)