aboutsummaryrefslogtreecommitdiffstats
path: root/routers
diff options
context:
space:
mode:
authorguillep2k <18600385+guillep2k@users.noreply.github.com>2019-11-19 21:07:51 -0300
committerzeripath <art27@cantab.net>2019-11-20 00:07:51 +0000
commite4ec32de2eee4ae320ef8e2f9a68a39ad607f548 (patch)
tree00c9ce1a5a91fc33601eeebe56d39c979d92e020 /routers
parent4a357f4188ee037d5279d198356af71a8ca102bc (diff)
downloadgitea-e4ec32de2eee4ae320ef8e2f9a68a39ad607f548.tar.gz
gitea-e4ec32de2eee4ae320ef8e2f9a68a39ad607f548.zip
Fix password checks on admin create/edit user (#9076)
* Fix password checks on admin create/edit user * Remove incorrect trimspace
Diffstat (limited to 'routers')
-rw-r--r--routers/admin/users.go17
1 files changed, 14 insertions, 3 deletions
diff --git a/routers/admin/users.go b/routers/admin/users.go
index 7626fbc0d0..b5c7dbd383 100644
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -94,8 +94,14 @@ func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) {
u.LoginName = form.LoginName
}
}
- if u.LoginType == models.LoginPlain {
+ if u.LoginType == models.LoginNoType || u.LoginType == models.LoginPlain {
+ if len(form.Password) < setting.MinPasswordLength {
+ ctx.Data["Err_Password"] = true
+ ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplUserNew, &form)
+ return
+ }
if !password.IsComplexEnough(form.Password) {
+ ctx.Data["Err_Password"] = true
ctx.RenderWithErr(password.BuildComplexityError(ctx), tplUserNew, &form)
return
}
@@ -203,14 +209,19 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
if len(form.Password) > 0 {
var err error
- if u.Salt, err = models.GetUserSalt(); err != nil {
- ctx.ServerError("UpdateUser", err)
+ if len(form.Password) < setting.MinPasswordLength {
+ ctx.Data["Err_Password"] = true
+ ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplUserEdit, &form)
return
}
if !password.IsComplexEnough(form.Password) {
ctx.RenderWithErr(password.BuildComplexityError(ctx), tplUserEdit, &form)
return
}
+ if u.Salt, err = models.GetUserSalt(); err != nil {
+ ctx.ServerError("UpdateUser", err)
+ return
+ }
u.HashPassword(form.Password)
}