espe/backend
0
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

[mod] password policy settings outsourced to conf

Browse source
This commit is contained in:
roydfalk 2024-04-30 14:54:24 +02:00
parent 80a3de650b
commit 956e2dbd35
2 changed files with 43 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
source/conf.ts
View file

@ -94,6 +94,13 @@ namespace _espe.conf
subject : string;
body : string;
};
password_policy : {
minimum_length : (null | int);
maximum_length : (null | int);
must_contain_letter : boolean;
must_contain_number : boolean;
must_contain_special_character : boolean;
};
};
// TODO: evtl. in Datenbank verlagern
admins : Array<
@ -239,6 +246,15 @@ namespace _espe.conf
"subject": ((node_settings["registration_email"] ?? {})["subject"] ?? "Registration"),
"body": ((node_settings["registration_email"] ?? {})["body"] ?? "URL: {{url}}"),
},
"password_policy": (
((node_settings_password_policy) => ({
"minimum_length": (node_settings_password_policy["minimum_length"] ?? 8),
"maximum_length": (node_settings_password_policy["maximum_length"] ?? 240),
"must_contain_letter": (node_settings_password_policy["must_contain_letter"] ?? true),
"must_contain_number": (node_settings_password_policy["must_contain_number"] ?? true),
"must_contain_special_character": (node_settings_password_policy["must_contain_special_character"] ?? true),
})) (node_settings["password_policy"] ?? {})
),
})) (conf_raw["settings"] ?? {})
),
"admins": (conf_raw["admins"] ?? []),

45
source/services/member.ts
View file

@ -37,39 +37,41 @@ namespace _espe.service.member
) : Array<{incident : string; details : Record<string, any>}>
{
let flaws : Array<{incident : string; details : Record<string, any>}> = [];
const conf = {
"minimum_length": 8,
"maximum_length": 240,
// "pattern":
"must_contain_letter": true,
"must_contain_number": true,
"must_contain_special_character": true,
};
if (password.length < conf.minimum_length) {
if (
(_espe.conf.get().settings.password_policy.minimum_length !== null)
&&
(password.length < _espe.conf.get().settings.password_policy.minimum_length)
) {
flaws.push(
{
"incident": "too_short",
"details": {
"minimum_length": conf.minimum_length,
"minimum_length": _espe.conf.get().settings.password_policy.minimum_length,
"actual_length": password.length,
}
}
);
}
if (password.length > conf.maximum_length) {
if (
(_espe.conf.get().settings.password_policy.maximum_length !== null)
&&
(password.length > _espe.conf.get().settings.password_policy.maximum_length)
) {
flaws.push(
{
"incident": "too_long",
"details": {
"maximum_length": conf.maximum_length,
"maximum_length": _espe.conf.get().settings.password_policy.maximum_length,
"actual_length": password.length,
}
}
);
}
if (conf.must_contain_letter && (! (new RegExp("[a-zA-Z]")).test(password))) {
if (
_espe.conf.get().settings.password_policy.must_contain_letter
&&
(! (new RegExp("[a-zA-Z]")).test(password))
) {
flaws.push(
{
"incident": "lacks_letter",
@ -78,7 +80,11 @@ namespace _espe.service.member
}
);
}
if (conf.must_contain_number && (! (new RegExp("[0-9]")).test(password))) {
if (
_espe.conf.get().settings.password_policy.must_contain_number
&&
(! (new RegExp("[0-9]")).test(password))
) {
flaws.push(
{
"incident": "lacks_number",
@ -87,7 +93,11 @@ namespace _espe.service.member
}
);
}
if (conf.must_contain_special_character && (! (new RegExp("[!?-_.,;/\~%&$'()\\[\\]{}^'#|+*<>=\"`:@]")).test(password))) {
if (
_espe.conf.get().settings.password_policy.must_contain_special_character
&&
(! (new RegExp("[!?-_.,;/\~%&$'()\\[\\]{}^'#|+*<>=\"`:@]")).test(password))
) {
flaws.push(
{
"incident": "lacks_special_character",
@ -96,7 +106,6 @@ namespace _espe.service.member
}
);
}
return flaws;
}