mirror of
https://github.com/openziti/zrok.git
synced 2024-12-22 23:02:52 +01:00
password subsystem tweaks (#167)
This commit is contained in:
parent
8c4134c8ad
commit
93707b692d
@ -25,19 +25,19 @@ type Config struct {
|
||||
Limits *limits.Config
|
||||
Maintenance *MaintenanceConfig
|
||||
Metrics *metrics.Config
|
||||
Passwords *PasswordsConfig
|
||||
Registration *RegistrationConfig
|
||||
ResetPassword *ResetPasswordConfig
|
||||
Store *store.Config
|
||||
Ziti *zrokEdgeSdk.Config
|
||||
PasswordRequirements *PaswordRequirementsConfig
|
||||
}
|
||||
|
||||
type AdminConfig struct {
|
||||
Secrets []string `cf:"+secret"`
|
||||
TouLink string
|
||||
InvitesOpen bool
|
||||
InviteTokenStrategy string
|
||||
InviteTokenContact string
|
||||
Secrets []string `cf:"+secret"`
|
||||
TouLink string
|
||||
}
|
||||
|
||||
type EndpointConfig struct {
|
||||
@ -45,11 +45,12 @@ type EndpointConfig struct {
|
||||
Port int
|
||||
}
|
||||
|
||||
type RegistrationConfig struct {
|
||||
RegistrationUrlTemplate string
|
||||
type MaintenanceConfig struct {
|
||||
ResetPassword *ResetPasswordMaintenanceConfig
|
||||
Registration *RegistrationMaintenanceConfig
|
||||
}
|
||||
|
||||
type PaswordRequirementsConfig struct {
|
||||
type PasswordsConfig struct {
|
||||
Length int
|
||||
RequireCapital bool
|
||||
RequireNumeric bool
|
||||
@ -57,13 +58,12 @@ type PaswordRequirementsConfig struct {
|
||||
ValidSpecialCharacters string
|
||||
}
|
||||
|
||||
type ResetPasswordConfig struct {
|
||||
ResetUrlTemplate string
|
||||
type RegistrationConfig struct {
|
||||
RegistrationUrlTemplate string
|
||||
}
|
||||
|
||||
type MaintenanceConfig struct {
|
||||
ResetPassword *ResetPasswordMaintenanceConfig
|
||||
Registration *RegistrationMaintenanceConfig
|
||||
type ResetPasswordConfig struct {
|
||||
ResetUrlTemplate string
|
||||
}
|
||||
|
||||
type RegistrationMaintenanceConfig struct {
|
||||
@ -81,13 +81,6 @@ type ResetPasswordMaintenanceConfig struct {
|
||||
func DefaultConfig() *Config {
|
||||
return &Config{
|
||||
Limits: limits.DefaultConfig(),
|
||||
PasswordRequirements: &PaswordRequirementsConfig{
|
||||
Length: 8,
|
||||
RequireCapital: true,
|
||||
RequireNumeric: true,
|
||||
RequireSpecial: true,
|
||||
ValidSpecialCharacters: `!@$&*_-., "#%'()+/:;<=>?[\]^{|}~`,
|
||||
},
|
||||
Maintenance: &MaintenanceConfig{
|
||||
ResetPassword: &ResetPasswordMaintenanceConfig{
|
||||
ExpirationTimeout: time.Minute * 15,
|
||||
@ -100,6 +93,13 @@ func DefaultConfig() *Config {
|
||||
BatchLimit: 500,
|
||||
},
|
||||
},
|
||||
Passwords: &PasswordsConfig{
|
||||
Length: 8,
|
||||
RequireCapital: true,
|
||||
RequireNumeric: true,
|
||||
RequireSpecial: true,
|
||||
ValidSpecialCharacters: `!@$&*_-., "#%'()+/:;<=>?[\]^{|}~`,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -27,14 +27,14 @@ func (ch *configurationHandler) Handle(_ metadata.ConfigurationParams) middlewar
|
||||
if cfg.Admin != nil {
|
||||
data.TouLink = cfg.Admin.TouLink
|
||||
data.InviteTokenContact = cfg.Admin.InviteTokenContact
|
||||
}
|
||||
if cfg.PasswordRequirements != nil {
|
||||
if cfg.Passwords != nil {
|
||||
data.PasswordRequirements = &rest_model_zrok.PasswordRequirements{
|
||||
Length: int64(cfg.PasswordRequirements.Length),
|
||||
RequireCapital: cfg.PasswordRequirements.RequireCapital,
|
||||
RequireNumeric: cfg.PasswordRequirements.RequireNumeric,
|
||||
RequireSpecial: cfg.PasswordRequirements.RequireSpecial,
|
||||
ValidSpecialCharacters: cfg.PasswordRequirements.ValidSpecialCharacters,
|
||||
Length: int64(cfg.Passwords.Length),
|
||||
RequireCapital: cfg.Passwords.RequireCapital,
|
||||
RequireNumeric: cfg.Passwords.RequireNumeric,
|
||||
RequireSpecial: cfg.Passwords.RequireSpecial,
|
||||
ValidSpecialCharacters: cfg.Passwords.ValidSpecialCharacters,
|
||||
}
|
||||
}
|
||||
}
|
||||
return metadata.NewConfigurationOK().WithPayload(data)
|
||||
|
@ -92,21 +92,21 @@ func proxyUrl(shrToken, template string) string {
|
||||
}
|
||||
|
||||
func validatePassword(cfg *config.Config, password string) error {
|
||||
if cfg.PasswordRequirements.Length > len(password) {
|
||||
return fmt.Errorf("password length: expected (%d), got (%d)", cfg.PasswordRequirements.Length, len(password))
|
||||
if cfg.Passwords.Length > len(password) {
|
||||
return fmt.Errorf("password length: expected (%d), got (%d)", cfg.Passwords.Length, len(password))
|
||||
}
|
||||
if cfg.PasswordRequirements.RequireCapital {
|
||||
if cfg.Passwords.RequireCapital {
|
||||
if !hasCapital(password) {
|
||||
return fmt.Errorf("password requires capital, found none")
|
||||
}
|
||||
}
|
||||
if cfg.PasswordRequirements.RequireNumeric {
|
||||
if cfg.Passwords.RequireNumeric {
|
||||
if !hasNumeric(password) {
|
||||
return fmt.Errorf("password requires numeric, found none")
|
||||
}
|
||||
}
|
||||
if cfg.PasswordRequirements.RequireSpecial {
|
||||
if !strings.ContainsAny(password, cfg.PasswordRequirements.ValidSpecialCharacters) {
|
||||
if cfg.Passwords.RequireSpecial {
|
||||
if !strings.ContainsAny(password, cfg.Passwords.ValidSpecialCharacters) {
|
||||
return fmt.Errorf("password requires special character, found none")
|
||||
}
|
||||
}
|
||||
|
@ -33,7 +33,7 @@ const PasswordForm = (props) => {
|
||||
return;
|
||||
}
|
||||
}
|
||||
if (confirm != password) {
|
||||
if (confirm !== password) {
|
||||
props.setMessage(passwordMismatchMessage)
|
||||
return;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user