From f27d87d93ba8578dfc36b636de5dc01e26e58d0d Mon Sep 17 00:00:00 2001 From: Bwko Date: Sat, 24 Dec 2016 14:40:44 +0100 Subject: [PATCH] Added minimum password length to app.ini (#223) --- conf/app.ini | 2 ++ modules/setting/setting.go | 6 ++++++ options/locale/locale_en-US.ini | 2 +- routers/user/auth.go | 11 ++++++++--- 4 files changed, 17 insertions(+), 4 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index d3f06cad7..c46d52f2d 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -168,6 +168,8 @@ COOKIE_USERNAME = gitea_awesome COOKIE_REMEMBER_NAME = gitea_incredible ; Reverse proxy authentication header name of user name REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER +; Sets the minimum password length for new Users +MIN_PASSWORD_LENGTH = 6 [service] ACTIVE_CODE_LIVE_MINUTES = 180 diff --git a/modules/setting/setting.go b/modules/setting/setting.go index b15985627..8dab8041f 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -96,6 +96,7 @@ var ( CookieUserName string CookieRememberName string ReverseProxyAuthUser string + MinPasswordLength int // Database settings UseSQLite3 bool @@ -589,6 +590,11 @@ please consider changing to GITEA_CUSTOM`) CookieUserName = sec.Key("COOKIE_USERNAME").MustString("gitea_awesome") CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").MustString("gitea_incredible") ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER") + MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt() + + if MinPasswordLength == 0 { + MinPasswordLength = 6 + } sec = Cfg.Section("attachment") AttachmentPath = sec.Key("PATH").MustString(path.Join(AppDataPath, "attachments")) diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 24868b5c0..1be152811 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -165,7 +165,7 @@ send_reset_mail = Click here to (re)send your password reset email reset_password = Reset Your Password invalid_code = Sorry, your confirmation code has expired or not valid. reset_password_helper = Click here to reset your password -password_too_short = Password length cannot be less then 6. +password_too_short = Password length cannot be less then %d. non_local_account = Non-local accounts cannot change passwords through Gitea. [mail] diff --git a/routers/user/auth.go b/routers/user/auth.go index bb14ad5a5..ef2a04005 100644 --- a/routers/user/auth.go +++ b/routers/user/auth.go @@ -203,6 +203,11 @@ func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterFo ctx.RenderWithErr(ctx.Tr("form.password_not_match"), tplSignUp, &form) return } + if len(form.Password) < setting.MinPasswordLength { + ctx.Data["Err_Password"] = true + ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplSignUp, &form) + return + } u := &models.User{ Name: form.UserName, @@ -410,7 +415,7 @@ func ResetPasswd(ctx *context.Context) { ctx.HTML(200, tplResetPassword) } -// ResetPasswdPost response fro reset password request +// ResetPasswdPost response from reset password request func ResetPasswdPost(ctx *context.Context) { ctx.Data["Title"] = ctx.Tr("auth.reset_password") @@ -424,10 +429,10 @@ func ResetPasswdPost(ctx *context.Context) { if u := models.VerifyUserActiveCode(code); u != nil { // Validate password length. passwd := ctx.Query("password") - if len(passwd) < 6 { + if len(passwd) < setting.MinPasswordLength { ctx.Data["IsResetForm"] = true ctx.Data["Err_Password"] = true - ctx.RenderWithErr(ctx.Tr("auth.password_too_short"), tplResetPassword, nil) + ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplResetPassword, nil) return }