Merge branch 'openvk:master' into master

README.md

@@ -22,6 +22,8 @@ We will release OpenVK as soon as it's ready. As for now, you can:
 * [social.fetbuk.ru](http://social.fetbuk.ru/)
 * [vepurovk.xyz](http://vepurovk.xyz/)
   * [vepurovk.fun](http://vepurovk.fun/) (mirror without TLS)
+* [ovk.tinelix.ru](https://ovk.tinelix.ru)
+  * [mirror without TLS](http://ovk.tinelix.ru)
 
 ## Can I create my own OpenVK instance?
 

README_RU.md

@@ -22,6 +22,8 @@ _[English](README.md)_
 * [social.fetbuk.ru](http://social.fetbuk.ru/)
 * [vepurovk.xyz](http://vepurovk.xyz/)
   * **[vepurovk.fun](http://vepurovk.fun)** (зеркало без TLS)
+* [ovk.tinelix.ru](https://ovk.tinelix.ru)
+  * [зеркало без TLS](http://ovk.tinelix.ru)
 
 ## Могу ли я создать свою собственную инстанцию OpenVK?
 

Web/Presenters/AuthPresenter.php

@@ -80,7 +80,11 @@ final class AuthPresenter extends OpenVKPresenter
             
             if(!Validator::i()->emailValid($this->postParam("email")))
                 $this->flashFail("err", tr("invalid_email_address"), tr("invalid_email_address_comment"));
-            
+
+            if(OPENVK_ROOT_CONF['openvk']['preferences']['security']['forceStrongPassword'])
+                if(!Validator::i()->passwordStrong($this->postParam("password")))
+                    $this->flashFail("err", tr("error"), tr("error_weak_password"));
+
             if (strtotime($this->postParam("birthday")) > time())
                 $this->flashFail("err", tr("invalid_birth_date"), tr("invalid_birth_date_comment"));
 

Web/Util/Validator.php

@@ -22,5 +22,9 @@ class Validator
         return (bool) preg_match("/^(?:t.me\/|@)?([a-zA-Z0-9_]{0,32})$/", $telegram);
     }
 
+    function passwordStrong(string $password): bool{
+        return (bool) preg_match("/^(?=.*[A-Z])(?=.*[0-9])(?=.*[a-z]).{8,}$/", $password);
+    }
+
     use TSimpleSingleton;
 }

locales/en.strings

@@ -992,6 +992,7 @@
 "error_upload_failed" = "Failed to upload a photo";
 "error_old_password" = "Old password does not match";
 "error_new_password" = "New password does not match";
+"error_weak_password" = "Password isn't strong enough. It should has at least 8 symbols, at least one capital letter and at least one digit."
 "error_shorturl_incorrect" = "The short address has an incorrect format.";
 "error_repost_fail" = "Failed to share post";
 "error_data_too_big" = "Attribute '$1' must be at most $2 $3 long";

locales/ru.strings

@@ -905,6 +905,7 @@
 "error_upload_failed" = "Не удалось загрузить фото";
 "error_old_password" = "Старый пароль не совпадает";
 "error_new_password" = "Новые пароли не совпадает";
+"error_weak_password" = "Ненадёжный пароль. Пароль должен содержать не менее 8 символов, цифры, прописные и строчные буквы";
 "error_shorturl_incorrect" = "Короткий адрес имеет некорректный формат.";
 "error_repost_fail" = "Не удалось поделиться записью";
 "error_data_too_big" = "Аттрибут '$1' не может быть длиннее $2 $3";

openvk-example.yml

@@ -27,6 +27,7 @@ openvk:
             requirePhone: false
             forcePhoneVerification: false
             forceEmailVerification: false
+            forceStrongPassword: false
             enableSu: true
             rateLimits:
                 actions: 5