author | David Lu <david.lu@hotmail.com> | 2016-07-06 18:54:54 -0400 |
---|---|---|
committer | Corey Hulen <corey@hulen.com> | 2016-07-06 14:54:54 -0800 |
commit | 683f7133190aa350cdd1ea2608c90fe5f47b35cd (patch) | |
tree | 3f1bcc19d3bc1a7dedd407c266ea63cdda5ed9c9 /api/user.go | |
parent | 0c3c52b8d3a3503c35481a287ba27f626749503a (diff) | |
PLT-1465 Added password requirements (#3489)
* Added password requirements
* added tweaks
* fixed error code
* removed http.StatusNotAcceptable
Diffstat (limited to 'api/user.go')
-rw-r--r-- | api/user.go | 34 |
1 files changed, 22 insertions, 12 deletions
diff --git a/api/user.go b/api/user.go index 38ee05a22..daaa3a577 100644 --- a/api/user.go +++ b/api/user.go @@ -245,6 +245,10 @@ func CreateUser(user *model.User) (*model.User, *model.AppError) { user.MakeNonNil() user.Locale = *utils.Cfg.LocalizationSettings.DefaultClientLocale + if err := utils.IsPasswordValid(user.Password); user.AuthService == "" && err != nil { + return nil, err + } + if result := <-Srv.Store.User().Save(user); result.Err != nil { l4g.Error(utils.T("api.user.create_user.save.error"), result.Err) return nil, result.Err @@ -1295,6 +1299,11 @@ func updateUser(c *Context, w http.ResponseWriter, r *http.Request) { return } + if err := utils.IsPasswordValid(user.Password); user.Password != "" && err != nil { + c.Err = err + return + } + if result := <-Srv.Store.User().Update(user, false); result.Err != nil { c.Err = result.Err return @@ -1339,8 +1348,9 @@ func updatePassword(c *Context, w http.ResponseWriter, r *http.Request) { } newPassword := props["new_password"] - if len(newPassword) < 5 { - c.SetInvalidParam("updatePassword", "new_password") + + if err := utils.IsPasswordValid(newPassword); err != nil { + c.Err = err return } @@ -1732,18 +1742,18 @@ func sendPasswordReset(c *Context, w http.ResponseWriter, r *http.Request) { func resetPassword(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) - newPassword := props["new_password"] - if len(newPassword) < model.MIN_PASSWORD_LENGTH { - c.SetInvalidParam("resetPassword", "new_password") - return - } - code := props["code"] if len(code) != model.PASSWORD_RECOVERY_CODE_SIZE { c.SetInvalidParam("resetPassword", "code") return } + newPassword := props["new_password"] + if err := utils.IsPasswordValid(newPassword); err != nil { + c.Err = err + return + } + c.LogAudit("attempt") userId := "" 
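Review bot: In the CreateUser hunk the validator runs in the `if` init statement and the `user.AuthService == ""` gate is applied only afterwards, so `IsPasswordValid` is evaluated for every account and its result is discarded whenever an AuthService is set; the updateUser hunk has the same shape with `user.Password != ""`. Testing the gate first makes the exemption explicit: `if user.AuthService == "" {` around `if err := utils.IsPasswordValid(user.Password); err != nil { return nil, err }`. A comment such as `// Password policy is enforced only when no AuthService is set.` would record that the skip is deliberate. CreateUser's body starts and ends outside the hunk.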
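Review bot: The updateUser check skips the policy on an empty `user.Password` rather than on `user.AuthService`, which differs from CreateUser, and the hunk does not show whether `Srv.Store.User().Update(user, false)` persists the password at all. If it does, this handler is a second password-change path next to updatePassword and should state which checks it relies on; if it does not, the new branch rejects a profile update over a field that is then ignored. Either way a comment on the branch would help, for example `// Password is validated only when the client sent one; see Update for whether it is stored.` The function body continues outside the hunk.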
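Review bot: In resetPassword both early returns, the code-length check and the new `IsPasswordValid` check, still sit above `c.LogAudit("attempt")`, so a reset request rejected by either one leaves no audit entry. This ordering predates the commit, but since the hunk reorders these checks it would be a good moment to move `c.LogAudit("attempt")` directly after `props := model.MapFromJson(r.Body)`, so that rejected reset attempts show up in the audit log. The rest of the function is outside the hunk, so confirm that no later call already records these failures.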
@@ -2042,8 +2052,8 @@ func oauthToEmail(c *Context, w http.ResponseWriter, r *http.Request) { props := model.MapFromJson(r.Body) password := props["password"] - if len(password) == 0 { - c.SetInvalidParam("oauthToEmail", "password") + if err := utils.IsPasswordValid(password); err != nil { + c.Err = err return } @@ -2174,8 +2184,8 @@ func ldapToEmail(c *Context, w http.ResponseWriter, r *http.Request) { } emailPassword := props["email_password"] - if len(emailPassword) == 0 { - c.SetInvalidParam("ldapToEmail", "email_password") + if err := utils.IsPasswordValid(emailPassword); err != nil { + c.Err = err return } |