From 956e2dbd3554da2245d2739a7f43f9848f002b2f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Fra=C3=9F?= Date: Tue, 30 Apr 2024 14:54:24 +0200 Subject: [PATCH] [mod] password policy settings outsourced to conf --- source/conf.ts | 16 ++++++++++++++ source/services/member.ts | 45 +++++++++++++++++++++++---------------- 2 files changed, 43 insertions(+), 18 deletions(-) diff --git a/source/conf.ts b/source/conf.ts index 776f029..b1d2b58 100644 --- a/source/conf.ts +++ b/source/conf.ts @@ -94,6 +94,13 @@ namespace _espe.conf subject : string; body : string; }; + password_policy : { + minimum_length : (null | int); + maximum_length : (null | int); + must_contain_letter : boolean; + must_contain_number : boolean; + must_contain_special_character : boolean; + }; }; // TODO: evtl. in Datenbank verlagern admins : Array< @@ -239,6 +246,15 @@ namespace _espe.conf "subject": ((node_settings["registration_email"] ?? {})["subject"] ?? "Registration"), "body": ((node_settings["registration_email"] ?? {})["body"] ?? "URL: {{url}}"), }, + "password_policy": ( + ((node_settings_password_policy) => ({ + "minimum_length": (node_settings_password_policy["minimum_length"] ?? 8), + "maximum_length": (node_settings_password_policy["maximum_length"] ?? 240), + "must_contain_letter": (node_settings_password_policy["must_contain_letter"] ?? true), + "must_contain_number": (node_settings_password_policy["must_contain_number"] ?? true), + "must_contain_special_character": (node_settings_password_policy["must_contain_special_character"] ?? true), + })) (node_settings["password_policy"] ?? {}) + ), })) (conf_raw["settings"] ?? {}) ), "admins": (conf_raw["admins"] ?? []), diff --git a/source/services/member.ts b/source/services/member.ts index 605de49..fbce4bb 100644 --- a/source/services/member.ts +++ b/source/services/member.ts @@ -37,39 +37,41 @@ namespace _espe.service.member ) : Array<{incident : string; details : Record}> { let flaws : Array<{incident : string; details : Record}> = []; - - const conf = { - "minimum_length": 8, - "maximum_length": 240, - // "pattern": - "must_contain_letter": true, - "must_contain_number": true, - "must_contain_special_character": true, - }; - - if (password.length < conf.minimum_length) { + if ( + (_espe.conf.get().settings.password_policy.minimum_length !== null) + && + (password.length < _espe.conf.get().settings.password_policy.minimum_length) + ) { flaws.push( { "incident": "too_short", "details": { - "minimum_length": conf.minimum_length, + "minimum_length": _espe.conf.get().settings.password_policy.minimum_length, "actual_length": password.length, } } ); } - if (password.length > conf.maximum_length) { + if ( + (_espe.conf.get().settings.password_policy.maximum_length !== null) + && + (password.length > _espe.conf.get().settings.password_policy.maximum_length) + ) { flaws.push( { "incident": "too_long", "details": { - "maximum_length": conf.maximum_length, + "maximum_length": _espe.conf.get().settings.password_policy.maximum_length, "actual_length": password.length, } } ); } - if (conf.must_contain_letter && (! (new RegExp("[a-zA-Z]")).test(password))) { + if ( + _espe.conf.get().settings.password_policy.must_contain_letter + && + (! (new RegExp("[a-zA-Z]")).test(password)) + ) { flaws.push( { "incident": "lacks_letter", @@ -78,7 +80,11 @@ namespace _espe.service.member } ); } - if (conf.must_contain_number && (! (new RegExp("[0-9]")).test(password))) { + if ( + _espe.conf.get().settings.password_policy.must_contain_number + && + (! (new RegExp("[0-9]")).test(password)) + ) { flaws.push( { "incident": "lacks_number", @@ -87,7 +93,11 @@ namespace _espe.service.member } ); } - if (conf.must_contain_special_character && (! (new RegExp("[!?-_.,;/\~%&$'()\\[\\]{}^'#|+*<>=\"`:@]")).test(password))) { + if ( + _espe.conf.get().settings.password_policy.must_contain_special_character + && + (! (new RegExp("[!?-_.,;/\~%&$'()\\[\\]{}^'#|+*<>=\"`:@]")).test(password)) + ) { flaws.push( { "incident": "lacks_special_character", @@ -96,7 +106,6 @@ namespace _espe.service.member } ); } - return flaws; }