the-djmaze/snappymail
1
1
Fork 0
mirror of https://github.com/the-djmaze/snappymail.git synced 2025-02-24 14:57:26 +08:00
Code Issues Projects Releases Packages Wiki Activity

Added config option for minimum passlength

Browse source 
Disable broken PasswordWeaknessCheck
See https://github.com/the-djmaze/snappymail/issues/51#issuecomment-790582737
This commit is contained in:
djmaze 2021-03-04 13:51:21 +01:00
parent 72988972a7
commit 96ea4fdf0a
1 changed files with 16 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
plugins/change-password/index.php
View file

@ -79,7 +79,13 @@ class ChangePasswordPlugin extends \RainLoop\Plugins\AbstractPlugin
public function configMapping() : array
{
$result = [];
$result = [
\RainLoop\Plugins\Property::NewInstance("pass_min_length")
->SetLabel('Password minimum length')
->SetType(\RainLoop\Enumerations\PluginPropertyType::INT)
->SetDescription('Minimum length of the password')
->SetDefaultValue(10),
];
foreach ($this->getSupportedDrivers(true) as $name => $class) {
$result[] = \RainLoop\Plugins\Property::NewInstance("driver_{$name}_enabled")
->SetLabel('Enable ' . $class::NAME)
@ -112,18 +118,19 @@ class ChangePasswordPlugin extends \RainLoop\Plugins\AbstractPlugin
}
$sPasswordForCheck = \trim($sNewPassword);
if (10 > \strlen($sPasswordForCheck)) {
if ($this->Config()->Get('plugin', 'pass_min_length', 10) > \strlen($sPasswordForCheck)) {
throw new ClientException(static::NewPasswordShort, null, $oActions->StaticI18N('NOTIFICATIONS/NEW_PASSWORD_SHORT'));
}
if (!\MailSo\Base\Utils::PasswordWeaknessCheck($sPasswordForCheck)) {
if (!static::PasswordWeaknessCheck($sPasswordForCheck)) {
throw new ClientException(static::NewPasswordWeak, null, $oActions->StaticI18N('NOTIFICATIONS/NEW_PASSWORD_WEAK'));
}
$bResult = false;
$oConfig = $this->Config();
foreach ($this->getSupportedDrivers() as $name => $class) {
if (\RainLoop\Plugins\Helper::ValidateWildcardValues($oAccount->Email(), $oConfig->Get('plugin', "driver_{$name}_allowed_emails"))) {
$sFoundedValue = '';
if (\RainLoop\Plugins\Helper::ValidateWildcardValues($oAccount->Email(), $oConfig->Get('plugin', "driver_{$name}_allowed_emails"), $sFoundedValue)) {
$name = $class::NAME;
try
{
@ -185,4 +192,9 @@ class ChangePasswordPlugin extends \RainLoop\Plugins\AbstractPlugin
return $sPassword;
}
private static function PasswordWeaknessCheck(string $sPassword) : bool
{
return !!preg_match('/111|1234|password|abc|qwerty|monkey|letmein|dragon|baseball|iloveyou|trustno1|sunshine|master|welcome|shadow|ashley|football|jesus|michael|ninja|mustang|vkontakte/i', $sPassword);
}
}