summaryrefslogtreecommitdiffstats
path: root/routers/web/user/auth.go
diff options
context:
space:
mode:
Diffstat (limited to 'routers/web/user/auth.go')
-rw-r--r--routers/web/user/auth.go17
1 files changed, 16 insertions, 1 deletions
diff --git a/routers/web/user/auth.go b/routers/web/user/auth.go
index 178852d3fb..0f1ede85a7 100644
--- a/routers/web/user/auth.go
+++ b/routers/web/user/auth.go
@@ -1873,8 +1873,23 @@ func MustChangePasswordPost(ctx *context.Context) {
ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplMustChangePassword, &form)
return
}
+ if !password.IsComplexEnough(form.Password) {
+ ctx.Data["Err_Password"] = true
+ ctx.RenderWithErr(password.BuildComplexityError(ctx), tplMustChangePassword, &form)
+ return
+ }
+ pwned, err := password.IsPwned(ctx, form.Password)
+ if pwned {
+ ctx.Data["Err_Password"] = true
+ errMsg := ctx.Tr("auth.password_pwned")
+ if err != nil {
+ log.Error(err.Error())
+ errMsg = ctx.Tr("auth.password_pwned_err")
+ }
+ ctx.RenderWithErr(errMsg, tplMustChangePassword, &form)
+ return
+ }
- var err error
if err = u.SetPassword(form.Password); err != nil {
ctx.ServerError("UpdateUser", err)
return
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-29 05:43:44 +0000