From 2f8612bb24ede631a8d912199dab987043323eaf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=9B=D0=BE=D0=BA=D0=BE=D1=82=D0=BE=D0=BA?= <47851014+lokot0k@users.noreply.github.com> Date: Wed, 19 Apr 2023 14:02:33 +0300 Subject: [PATCH] =?UTF-8?q?=D0=9F=D1=80=D0=BE=D0=B2=D0=B5=D1=80=D0=BA?= =?UTF-8?q?=D0=B0=20=D0=BD=D0=B0=20=D0=BD=D0=B0=D0=B4=D0=B5=D0=B6=D0=BD?= =?UTF-8?q?=D1=8B=D0=B9=20=D0=BF=D0=B0=D1=80=D0=BE=D0=BB=D1=8C=20(#862)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Проверка на надежный пароль * fixed typos in locales/ru.strings Co-authored-by: Alexander Minkin * подправил локаль --------- Co-authored-by: Alexander Minkin --- Web/Presenters/AuthPresenter.php | 6 +++++- Web/Util/Validator.php | 4 ++++ locales/en.strings | 1 + locales/ru.strings | 1 + openvk-example.yml | 1 + 5 files changed, 12 insertions(+), 1 deletion(-) diff --git a/Web/Presenters/AuthPresenter.php b/Web/Presenters/AuthPresenter.php index bb9d7272..bbb45d28 100644 --- a/Web/Presenters/AuthPresenter.php +++ b/Web/Presenters/AuthPresenter.php @@ -80,7 +80,11 @@ final class AuthPresenter extends OpenVKPresenter if(!Validator::i()->emailValid($this->postParam("email"))) $this->flashFail("err", tr("invalid_email_address"), tr("invalid_email_address_comment")); - + + if(OPENVK_ROOT_CONF['openvk']['preferences']['security']['forceStrongPassword']) + if(!Validator::i()->passwordStrong($this->postParam("password"))) + $this->flashFail("err", tr("error"), tr("error_weak_password")); + if (strtotime($this->postParam("birthday")) > time()) $this->flashFail("err", tr("invalid_birth_date"), tr("invalid_birth_date_comment")); diff --git a/Web/Util/Validator.php b/Web/Util/Validator.php index aa30a8b5..51085a3d 100644 --- a/Web/Util/Validator.php +++ b/Web/Util/Validator.php 
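Review bot: The strong-password check is wired in only at this one point in AuthPresenter, next to the e-mail and birthday validation (apparently the registration handler), and the diffstat shows no other presenter touched. Any password-reset or change-password path would presumably still accept weak passwords with `forceStrongPassword` on, and should call `Validator::i()->passwordStrong()` as well. The option is also read without a default, so an existing install whose config lacks the new key gets an undefined-key warning and the policy silently stays off; `if(OPENVK_ROOT_CONF['openvk']['preferences']['security']['forceStrongPassword'] ?? false)` makes that explicit. The enclosing method starts and ends outside the hunk.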
@@ -22,5 +22,9 @@ class Validator return (bool) preg_match("/^(?:t.me\/|@)?([a-zA-Z0-9_]{0,32})$/", $telegram); } + function passwordStrong(string $password): bool{ + return (bool) preg_match("/^(?=.*[A-Z])(?=.*[0-9])(?=.*[a-z]).{8,}$/", $password); + } + use TSimpleSingleton; } diff --git a/locales/en.strings b/locales/en.strings index 669bfc8b..87961ebc 100644 --- a/locales/en.strings +++ b/locales/en.strings @@ -992,6 +992,7 @@ "error_upload_failed" = "Failed to upload a photo"; "error_old_password" = "Old password does not match"; "error_new_password" = "New password does not match"; +"error_weak_password" = "Password isn't strong enough. It should has at least 8 symbols, at least one capital letter and at least one digit." "error_shorturl_incorrect" = "The short address has an incorrect format."; "error_repost_fail" = "Failed to share post"; "error_data_too_big" = "Attribute '$1' must be at most $2 $3 long"; diff --git a/locales/ru.strings b/locales/ru.strings index ac7a537d..98928cd5 100644 --- a/locales/ru.strings +++ b/locales/ru.strings @@ -905,6 +905,7 @@ "error_upload_failed" = "Не удалось загрузить фото"; "error_old_password" = "Старый пароль не совпадает"; "error_new_password" = "Новые пароли не совпадает"; +"error_weak_password" = "Ненадёжный пароль. Пароль должен содержать не менее 8 символов, цифры, прописные и строчные буквы"; "error_shorturl_incorrect" = "Короткий адрес имеет некорректный формат."; "error_repost_fail" = "Не удалось поделиться записью"; "error_data_too_big" = "Аттрибут '$1' не может быть длиннее $2 $3"; diff --git a/openvk-example.yml b/openvk-example.yml index c2f794e4..4b6ab4aa 100644 --- a/openvk-example.yml +++ b/openvk-example.yml @@ -27,6 +27,7 @@ openvk: requirePhone: false forcePhoneVerification: false forceEmailVerification: false + forceStrongPassword: false enableSu: true rateLimits: actions: 5
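Review bot: `passwordStrong()` measures length in bytes rather than characters because the pattern has no `u` modifier, so a password of three ASCII characters plus three Cyrillic letters is six characters long yet satisfies `.{8,}`. Consider `"/^(?=.*\p{Lu})(?=.*\p{Ll})(?=.*[0-9]).{8,}$/u"`, which counts code points and also accepts non-Latin upper- and lower-case letters. Composition rules alone still admit guessable values such as `Password1`, so a longer minimum or a check against a common-password list would add more than the character classes do. The `error_weak_password` text in locales/en.strings does not mention the lowercase requirement that the pattern enforces and, unlike its neighbours, has no terminating `;`. The method is complete within the hunk; class Validator itself starts outside it.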