author | Maxim Tkachenko <maxim.tkachenko@gmail.com> | 2019-10-14 22:24:26 +0700 |
---|---|---|
committer | zeripath <art27@cantab.net> | 2019-10-14 16:24:26 +0100 |
commit | db657192d0349f7b10a62515fbf085d3a48d88f9 (patch) | |
tree | d298b9b2c487af61dc399774e67dcb3440add9c2 /cmd | |
parent | f9aba9ba0f07b77cb46dde6eda3c3f5b8fa841fe (diff) | |
Password Complexity Checks (#6230)
Add password complexity checks. The default settings require a lowercase, uppercase, number and a special character within passwords.
Co-Authored-By: T-M-A <maxim.tkachenko@gmail.com>
Co-Authored-By: Lanre Adelowo <adelowomailbox@gmail.com>
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-Authored-By: Lauris BH <lauris@nix.lv>
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/admin.go | 19 |
1 files changed, 10 insertions, 9 deletions
diff --git a/cmd/admin.go b/cmd/admin.go
index 4c4d6f9b66..4346159feb 100644
--- a/cmd/admin.go
+++ b/cmd/admin.go
@@ -13,9 +13,9 @@ import (
 "code.gitea.io/gitea/models"
 "code.gitea.io/gitea/modules/auth/oauth2"
- "code.gitea.io/gitea/modules/generate"
 "code.gitea.io/gitea/modules/git"
 "code.gitea.io/gitea/modules/log"
+ pwd "code.gitea.io/gitea/modules/password"
 "code.gitea.io/gitea/modules/setting"
 "github.com/urfave/cli"
@@ -233,7 +233,9 @@ func runChangePassword(c *cli.Context) error {
 if err := initDB(); err != nil {
 return err
 }
-
+ if !pwd.IsComplexEnough(c.String("password")) {
+ return errors.New("Password does not meet complexity requirements")
+ }
 uname := c.String("username")
 user, err := models.GetUserByName(uname)
 if err != nil {
@@ -243,6 +245,7 @@ func runChangePassword(c *cli.Context) error {
 return err
 }
 user.HashPassword(c.String("password"))
+
 if err := models.UpdateUserCols(user, "passwd", "salt"); err != nil {
 return err
 }
@@ -275,26 +278,24 @@ func runCreateUser(c *cli.Context) error {
 fmt.Fprintf(os.Stderr, "--name flag is deprecated. Use --username instead.\n")
 }
- var password string
+ if err := initDB(); err != nil {
+ return err
+ }
+ var password string
 if c.IsSet("password") {
 password = c.String("password")
 } else if c.IsSet("random-password") {
 var err error
- password, err = generate.GetRandomString(c.Int("random-password-length"))
+ password, err = pwd.Generate(c.Int("random-password-length"))
 if err != nil {
 return err
 }
-
 fmt.Printf("generated random password is '%s'\n", password)
 } else {
 return errors.New("must set either password or random-password flag")
 }
- if err := initDB(); err != nil {
- return err
- }
-
 // always default to true
 var changePassword = true |
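Review bot: The guard added to runChangePassword (hunk `@@ -233,7 +233,9 @@`) tests only `pwd.IsComplexEnough`, and no length check is visible on this CLI path. Unless `IsComplexEnough` also enforces the configured minimum length (its body is not shown here), a very short password containing all required character classes would be accepted; a companion check such as `if len(c.String("password")) < setting.MinPasswordLength { return errors.New("password is too short") }` would close that gap. The new error string is also capitalised, unlike `"must set either password or random-password flag"` in the same file; `errors.New("password does not meet complexity requirements")` matches the existing style. The function body starts before and continues after this hunk.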
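Review bot: In runCreateUser (hunk `@@ -275,26 +278,24 @@`) the `--password` branch still assigns `c.String("password")` without the `pwd.IsComplexEnough` check that this commit adds to runChangePassword. Unless the code after this hunk validates it, an account can be created from the CLI with a password the policy would reject on a later change. Adding `if !pwd.IsComplexEnough(password) { return errors.New("password does not meet complexity requirements") }` right after that assignment would keep the two commands consistent. It is also worth confirming what `pwd.Generate` returns when `random-password-length` is smaller than the number of required character classes, since that value is passed through unchecked. The function continues outside the hunk.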