From 9595eee82ee4558eec91f72cd30352583d6aa082 Mon Sep 17 00:00:00 2001
From: Bwko <bouwko@gmail.com>
Date: Wed, 23 Nov 2016 14:03:59 +0100
Subject: [PATCH] Added minimum password length to app.ini

---
 conf/app.ini                 |  2 ++
 conf/locale/locale_en-US.ini |  2 +-
 modules/setting/setting.go   |  6 ++++++
 routers/user/auth.go         | 11 ++++++++---
 4 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/conf/app.ini b/conf/app.ini
index 0533d0326f2f2..a6f967bc76d1a 100644
--- a/conf/app.ini
+++ b/conf/app.ini
@@ -169,6 +169,8 @@ COOKIE_USERNAME = gitea_awesome
 COOKIE_REMEMBER_NAME = gitea_incredible
 ; Reverse proxy authentication header name of user name
 REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
+; Sets the minimum password length for new Users
+MIN_PASSWORD_LENGTH = 6
 
 [service]
 ACTIVE_CODE_LIVE_MINUTES = 180
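Review bot: The comment on `MIN_PASSWORD_LENGTH` says it applies to "new Users", but this patch also enforces it in ResetPasswdPost, so operators may misjudge its scope. Something like `; Minimum password length, enforced at sign-up and on password reset` would match the code. It would also help to state that passwords already stored are not re-checked when the value is raised, which is what the visible hunks imply. The default of 6 preserves the previous hard-coded limit; a higher value for new installs could be recommended in the comment.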
diff --git a/conf/locale/locale_en-US.ini b/conf/locale/locale_en-US.ini
index b6e47594d1a64..430811c5bbe2f 100644
--- a/conf/locale/locale_en-US.ini
+++ b/conf/locale/locale_en-US.ini
@@ -162,7 +162,7 @@ send_reset_mail = Click here to (re)send your password reset email
 reset_password = Reset Your Password
 invalid_code = Sorry, your confirmation code has expired or not valid.
 reset_password_helper = Click here to reset your password
-password_too_short = Password length cannot be less then 6.
+password_too_short = Password length cannot be less then %d.
 non_local_account = Non-local accounts cannot change passwords through Gitea.
 
 [mail]
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index baaa3f50a8f82..c474222c7ff7a 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -93,6 +93,7 @@ var (
 	CookieUserName       string
 	CookieRememberName   string
 	ReverseProxyAuthUser string
+	MinPasswordLength    int
 
 	// Database settings
 	UseSQLite3    bool
@@ -468,6 +469,11 @@ please consider changing to GITEA_CUSTOM`)
 	CookieUserName = sec.Key("COOKIE_USERNAME").String()
 	CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").String()
 	ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
+	MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt()
+
+	if MinPasswordLength == 0 {
+		MinPasswordLength = 6
+	}
 
 	sec = Cfg.Section("attachment")
 	AttachmentPath = sec.Key("PATH").MustString(path.Join(AppDataPath, "attachments"))
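Review bot: A negative `MIN_PASSWORD_LENGTH` slips past the `== 0` fallback and makes the later `len(...) < setting.MinPasswordLength` checks never fire, silently disabling the minimum. An unparsable value should come back from `MustInt()` as 0 and is caught, but only by accident of the fallback. Passing the default explicitly and clamping reads more clearly: `MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)` followed by `if MinPasswordLength < 1 { MinPasswordLength = 6 }`. A short comment noting that 0 cannot be used to turn the check off would also help. The enclosing function starts and ends outside the hunk.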
diff --git a/routers/user/auth.go b/routers/user/auth.go
index ebee24365c0a8..3f64282491244 100644
--- a/routers/user/auth.go
+++ b/routers/user/auth.go
@@ -203,6 +203,11 @@ func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterFo
 		ctx.RenderWithErr(ctx.Tr("form.password_not_match"), tplSignUp, &form)
 		return
 	}
+	if len(form.Password) < setting.MinPasswordLength {
+		ctx.Data["Err_Password"] = true
+		ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplSignUp, &form)
+		return
+	}
 
 	u := &models.User{
 		Name:     form.UserName,
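Review bot: `len(form.Password)` counts bytes rather than characters, so a password of two or three multi-byte characters can satisfy a minimum of 6; the same applies to `len(passwd)` in the ResetPasswdPost hunk. If the setting is meant as a character count, use `utf8.RuneCountInString(form.Password) < setting.MinPasswordLength` (this needs the `unicode/utf8` import). Other places that set a password, such as account settings or admin user creation, are not touched by this patch and may still carry their own fixed limit, possibly in form binding tags; worth confirming so the policy is enforced uniformly. SignUpPost's body starts and ends outside the hunk.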
@@ -406,7 +411,7 @@ func ResetPasswd(ctx *context.Context) {
 	ctx.HTML(200, tplResetPassword)
 }
 
-// ResetPasswdPost response fro reset password request
+// ResetPasswdPost response from reset password request
 func ResetPasswdPost(ctx *context.Context) {
 	ctx.Data["Title"] = ctx.Tr("auth.reset_password")
 
@@ -420,10 +425,10 @@ func ResetPasswdPost(ctx *context.Context) {
 	if u := models.VerifyUserActiveCode(code); u != nil {
 		// Validate password length.
 		passwd := ctx.Query("password")
-		if len(passwd) < 6 {
+		if len(passwd) < setting.MinPasswordLength {
 			ctx.Data["IsResetForm"] = true
 			ctx.Data["Err_Password"] = true
-			ctx.RenderWithErr(ctx.Tr("auth.password_too_short"), tplResetPassword, nil)
+			ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplResetPassword, nil)
 			return
 		}