summaryrefslogtreecommitdiffstats
path: root/routers/admin
diff options
context:
space:
mode:
authorMaxim Tkachenko <maxim.tkachenko@gmail.com>2019-10-14 22:24:26 +0700
committerzeripath <art27@cantab.net>2019-10-14 16:24:26 +0100
commitdb657192d0349f7b10a62515fbf085d3a48d88f9 (patch)
treed298b9b2c487af61dc399774e67dcb3440add9c2 /routers/admin
parentf9aba9ba0f07b77cb46dde6eda3c3f5b8fa841fe (diff)
downloadgitea-db657192d0349f7b10a62515fbf085d3a48d88f9.tar.gz
gitea-db657192d0349f7b10a62515fbf085d3a48d88f9.zip
Password Complexity Checks (#6230)
Add password complexity checks. The default settings require a lowercase, uppercase, number and a special character within passwords. Co-Authored-By: T-M-A <maxim.tkachenko@gmail.com> Co-Authored-By: Lanre Adelowo <adelowomailbox@gmail.com> Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-Authored-By: Lauris BH <lauris@nix.lv>
Diffstat (limited to 'routers/admin')
-rw-r--r--routers/admin/users.go10
1 files changed, 9 insertions, 1 deletions
diff --git a/routers/admin/users.go b/routers/admin/users.go
index 660f116682..fdc4e0e371 100644
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -12,6 +12,7 @@ import (
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/log"
+ "code.gitea.io/gitea/modules/password"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/routers"
"code.gitea.io/gitea/services/mailer"
@@ -94,7 +95,10 @@ func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) {
u.LoginName = form.LoginName
}
}
-
+ if !password.IsComplexEnough(form.Password) {
+ ctx.RenderWithErr(ctx.Tr("form.password_complexity"), tplUserNew, &form)
+ return
+ }
if err := models.CreateUser(u); err != nil {
switch {
case models.IsErrUserAlreadyExist(err):
@@ -201,6 +205,10 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
ctx.ServerError("UpdateUser", err)
return
}
+ if !password.IsComplexEnough(form.Password) {
+ ctx.RenderWithErr(ctx.Tr("form.password_complexity"), tplUserEdit, &form)
+ return
+ }
u.HashPassword(form.Password)
}