Compare commits

...

2 commits

Author SHA1 Message Date
Локоток
2f8612bb24
Проверка на надежный пароль (#862)
* Проверка на надежный пароль

* fixed typos in locales/ru.strings

Co-authored-by: Alexander Minkin <weryskok@gmail.com>

* подправил локаль

---------

Co-authored-by: Alexander Minkin <weryskok@gmail.com>
2023-04-19 14:02:33 +03:00
Dmitry Tretyakov
b89bbdcec2
Update README.md 2023-04-19 17:44:01 +07:00
6 changed files with 14 additions and 1 deletions

View file

@ -22,6 +22,8 @@ We will release OpenVK as soon as it's ready. As for now, you can:
* [social.fetbuk.ru](http://social.fetbuk.ru/) * [social.fetbuk.ru](http://social.fetbuk.ru/)
* [vepurovk.xyz](http://vepurovk.xyz/) * [vepurovk.xyz](http://vepurovk.xyz/)
* [vepurovk.fun](http://vepurovk.fun/) (mirror without TLS) * [vepurovk.fun](http://vepurovk.fun/) (mirror without TLS)
* [ovk.tinelix.ru](https://ovk.tinelix.ru)
* [mirror without TLS](http://ovk.tinelix.ru)
## Can I create my own OpenVK instance? ## Can I create my own OpenVK instance?

View file

@ -81,6 +81,10 @@ final class AuthPresenter extends OpenVKPresenter
if(!Validator::i()->emailValid($this->postParam("email"))) if(!Validator::i()->emailValid($this->postParam("email")))
$this->flashFail("err", tr("invalid_email_address"), tr("invalid_email_address_comment")); $this->flashFail("err", tr("invalid_email_address"), tr("invalid_email_address_comment"));
if(OPENVK_ROOT_CONF['openvk']['preferences']['security']['forceStrongPassword'])
if(!Validator::i()->passwordStrong($this->postParam("password")))
$this->flashFail("err", tr("error"), tr("error_weak_password"));
if (strtotime($this->postParam("birthday")) > time()) if (strtotime($this->postParam("birthday")) > time())
$this->flashFail("err", tr("invalid_birth_date"), tr("invalid_birth_date_comment")); $this->flashFail("err", tr("invalid_birth_date"), tr("invalid_birth_date_comment"));

View file

@ -22,5 +22,9 @@ class Validator
return (bool) preg_match("/^(?:t.me\/|@)?([a-zA-Z0-9_]{0,32})$/", $telegram); return (bool) preg_match("/^(?:t.me\/|@)?([a-zA-Z0-9_]{0,32})$/", $telegram);
} }
function passwordStrong(string $password): bool{
return (bool) preg_match("/^(?=.*[A-Z])(?=.*[0-9])(?=.*[a-z]).{8,}$/", $password);
}
use TSimpleSingleton; use TSimpleSingleton;
} }

View file

@ -992,6 +992,7 @@
"error_upload_failed" = "Failed to upload a photo"; "error_upload_failed" = "Failed to upload a photo";
"error_old_password" = "Old password does not match"; "error_old_password" = "Old password does not match";
"error_new_password" = "New password does not match"; "error_new_password" = "New password does not match";
"error_weak_password" = "Password isn't strong enough. It should has at least 8 symbols, at least one capital letter and at least one digit."
"error_shorturl_incorrect" = "The short address has an incorrect format."; "error_shorturl_incorrect" = "The short address has an incorrect format.";
"error_repost_fail" = "Failed to share post"; "error_repost_fail" = "Failed to share post";
"error_data_too_big" = "Attribute '$1' must be at most $2 $3 long"; "error_data_too_big" = "Attribute '$1' must be at most $2 $3 long";

View file

@ -905,6 +905,7 @@
"error_upload_failed" = "Не удалось загрузить фото"; "error_upload_failed" = "Не удалось загрузить фото";
"error_old_password" = "Старый пароль не совпадает"; "error_old_password" = "Старый пароль не совпадает";
"error_new_password" = "Новые пароли не совпадает"; "error_new_password" = "Новые пароли не совпадает";
"error_weak_password" = "Ненадёжный пароль. Пароль должен содержать не менее 8 символов, цифры, прописные и строчные буквы";
"error_shorturl_incorrect" = "Короткий адрес имеет некорректный формат."; "error_shorturl_incorrect" = "Короткий адрес имеет некорректный формат.";
"error_repost_fail" = "Не удалось поделиться записью"; "error_repost_fail" = "Не удалось поделиться записью";
"error_data_too_big" = "Аттрибут '$1' не может быть длиннее $2 $3"; "error_data_too_big" = "Аттрибут '$1' не может быть длиннее $2 $3";

View file

@ -27,6 +27,7 @@ openvk:
requirePhone: false requirePhone: false
forcePhoneVerification: false forcePhoneVerification: false
forceEmailVerification: false forceEmailVerification: false
forceStrongPassword: false
enableSu: true enableSu: true
rateLimits: rateLimits:
actions: 5 actions: 5