diff options
| author | John Olheiser <john.olheiser@gmail.com> | 2020-09-08 17:06:39 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-09-08 17:06:39 -0500 |
| commit | c6e4bc53aad371210f0cb670e36c57132087b230 (patch) | |
| tree | ef2eecef855a4257a22eb61aefd5439be23a770e /routers/admin/users.go | |
| parent | bea343ce0997262e61c5d83812a270090896afbf (diff) | |
| download | gitea-c6e4bc53aad371210f0cb670e36c57132087b230.tar.gz gitea-c6e4bc53aad371210f0cb670e36c57132087b230.zip | |
Check passwords against HaveIBeenPwned (#12716)
* Implement pwn
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update module
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Apply suggestions mrsdizzie
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
* Add link to HIBP
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Add more details to admin command
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Add context to pwn
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Consistency and making some noise ;)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: zeripath <art27@cantab.net>
Diffstat (limited to 'routers/admin/users.go')
| -rw-r--r-- | routers/admin/users.go | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/routers/admin/users.go b/routers/admin/users.go index a28db2b445..531f81b8b5 100644 --- a/routers/admin/users.go +++ b/routers/admin/users.go @@ -108,6 +108,17 @@ func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) { ctx.RenderWithErr(password.BuildComplexityError(ctx), tplUserNew, &form) return } + pwned, err := password.IsPwned(ctx.Req.Context(), form.Password) + if pwned { + ctx.Data["Err_Password"] = true + errMsg := ctx.Tr("auth.password_pwned") + if err != nil { + log.Error(err.Error()) + errMsg = ctx.Tr("auth.password_pwned_err") + } + ctx.RenderWithErr(errMsg, tplUserNew, &form) + return + } u.MustChangePassword = form.MustChangePassword } if err := models.CreateUser(u); err != nil { @@ -224,6 +235,17 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) { ctx.RenderWithErr(password.BuildComplexityError(ctx), tplUserEdit, &form) return } + pwned, err := password.IsPwned(ctx.Req.Context(), form.Password) + if pwned { + ctx.Data["Err_Password"] = true + errMsg := ctx.Tr("auth.password_pwned") + if err != nil { + log.Error(err.Error()) + errMsg = ctx.Tr("auth.password_pwned_err") + } + ctx.RenderWithErr(errMsg, tplUserNew, &form) + return + } if u.Salt, err = models.GetUserSalt(); err != nil { ctx.ServerError("UpdateUser", err) return |