Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
ai3
accountserver
Commits
9a84289a
Commit
9a84289a
authored
Jun 21, 2018
by
ale
Browse files
Enforce max password length
parent
bdfa295b
Changes
3
Hide whitespace changes
Inline
Side-by-side
actions_test.go
View file @
9a84289a
...
...
@@ -197,7 +197,7 @@ func TestService_ChangePassword(t *testing.T) {
},
CurPassword
:
"cur"
,
},
Password
:
"password"
,
Password
:
"
a very good secret
password"
,
}
err
:=
svc
.
ChangeUserPassword
(
context
.
TODO
(),
tx
,
req
)
if
err
!=
nil
{
...
...
config.go
View file @
9a84289a
...
...
@@ -30,6 +30,9 @@ func (c *Config) domainBackend() domainBackend {
func
(
c
*
Config
)
validationConfig
()
*
validationConfig
{
return
&
validationConfig
{
forbiddenUsernames
:
newStringSetFromList
(
c
.
ForbiddenUsernames
),
forbiddenPasswords
:
newStringSetFromList
([]
string
{
"123456"
,
"password"
,
"password1"
}),
minPasswordLength
:
6
,
maxPasswordLength
:
128
,
}
}
...
...
validators.go
View file @
9a84289a
...
...
@@ -22,6 +22,7 @@ type validationConfig struct {
forbiddenUsernames
stringSet
forbiddenPasswords
stringSet
minPasswordLength
int
maxPasswordLength
int
}
// A stringSet is just a list of strings with a quick membership test.
...
...
@@ -263,7 +264,7 @@ func isAvailableEmailAddr(be domainBackend, cb Backend) ValidatorFunc {
func
validHostedEmail
(
config
*
validationConfig
,
be
domainBackend
,
cb
Backend
)
ValidatorFunc
{
return
allOf
(
validateUsernameAndDomain
(
allOf
(
matchUsernameRx
(),
minLength
(
4
),
notInSet
(
config
.
forbiddenUsernames
)),
allOf
(
matchUsernameRx
(),
minLength
(
4
),
maxLength
(
64
),
notInSet
(
config
.
forbiddenUsernames
)),
allOf
(
isAvailableEmailHostingDomain
(
be
)),
),
isAvailableEmailAddr
(
be
,
cb
),
...
...
@@ -273,7 +274,7 @@ func validHostedEmail(config *validationConfig, be domainBackend, cb Backend) Va
func
validHostedMailingList
(
config
*
validationConfig
,
be
domainBackend
,
cb
Backend
)
ValidatorFunc
{
return
allOf
(
validateUsernameAndDomain
(
allOf
(
matchUsernameRx
(),
minLength
(
4
),
notInSet
(
config
.
forbiddenUsernames
)),
allOf
(
matchUsernameRx
(),
minLength
(
4
),
maxLength
(
64
),
notInSet
(
config
.
forbiddenUsernames
)),
allOf
(
isAvailableMailingListDomain
(
be
)),
),
isAvailableEmailAddr
(
be
,
cb
),
...
...
@@ -283,6 +284,7 @@ func validHostedMailingList(config *validationConfig, be domainBackend, cb Backe
func
validPassword
(
config
*
validationConfig
)
ValidatorFunc
{
return
allOf
(
minLength
(
config
.
minPasswordLength
),
maxLength
(
config
.
maxPasswordLength
),
notInSet
(
config
.
forbiddenPasswords
),
)
}
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment