Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #432962 by stevepurkiss, dags, mcrittenden, dawehner, Rob C, EllaTheHarpy: Added option to disable password strength checking.

8.0.x
Dries 2013-02-16 12:36:42 -05:00
parent c36aafa618
commit c5b33012ce
6 changed files with 89 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
core/modules/user/config/user.settings.yml
View File

@ -14,3 +14,4 @@ register: visitors
signatures: '0' signatures: '0'
cancel_method: user_cancel_block cancel_method: user_cancel_block
password_reset_timeout: '86400' password_reset_timeout: '86400'
password_strength: '1'

11
core/modules/user/lib/Drupal/user/Tests/UserCreateTest.php
View File

@ -36,6 +36,17 @@ class UserCreateTest extends WebTestBase {
$this->assertFieldbyId('edit-status-1', 1, 'The user status option Active exists.', 'User login'); $this->assertFieldbyId('edit-status-1', 1, 'The user status option Active exists.', 'User login');
$this->assertFieldByXPath('//input[@type="radio" and @id="edit-status-1" and @checked="checked"]', NULL, 'Default setting for user status is active.'); $this->assertFieldByXPath('//input[@type="radio" and @id="edit-status-1" and @checked="checked"]', NULL, 'Default setting for user status is active.');
// Test that the password strength indicator displays.
$config = config('user.settings');
$config->set('password_strength', TRUE)->save();
$this->drupalGet('admin/people/create');
$this->assertRaw(t('Password strength:'), 'The password strength indicator is displayed.');
$config->set('password_strength', FALSE)->save();
$this->drupalGet('admin/people/create');
$this->assertNoRaw(t('Password strength:'), 'The password strength indicator is not displayed.');
// We create two users, notifying one and not notifying the other, to // We create two users, notifying one and not notifying the other, to
// ensure that the tests work in both cases. // ensure that the tests work in both cases.
foreach (array(FALSE, TRUE) as $notify) { foreach (array(FALSE, TRUE) as $notify) {

12
core/modules/user/lib/Drupal/user/Tests/UserEditTest.php
View File

@ -76,6 +76,18 @@ class UserEditTest extends WebTestBase {
$user1->pass_raw = $new_pass; $user1->pass_raw = $new_pass;
$this->drupalLogin($user1); $this->drupalLogin($user1);
$this->drupalLogout(); $this->drupalLogout();
// Test that the password strength indicator displays.
$config = config('user.settings');
$this->drupalLogin($user1);
$config->set('password_strength', TRUE)->save();
$this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
$this->assertRaw(t('Password strength:'), 'The password strength indicator is displayed.');
$config->set('password_strength', FALSE)->save();
$this->drupalPost("user/$user1->uid/edit", $edit, t('Save'));
$this->assertNoRaw(t('Password strength:'), 'The password strength indicator is not displayed.');
} }
/** /**

6
core/modules/user/user.admin.inc
View File

@ -361,6 +361,11 @@ function user_admin_settings($form, &$form_state) {
'#default_value' => $config->get('verify_mail'), '#default_value' => $config->get('verify_mail'),
'#description' => t('New users will be required to validate their e-mail address prior to logging into the site, and will be assigned a system-generated password. With this setting disabled, users will be logged in immediately upon registering, and may select their own passwords during registration.') '#description' => t('New users will be required to validate their e-mail address prior to logging into the site, and will be assigned a system-generated password. With this setting disabled, users will be logged in immediately upon registering, and may select their own passwords during registration.')
); );
$form['registration_cancellation']['user_password_strength'] = array(
'#type' => 'checkbox',
'#title' => t('Enable password strength indicator'),
'#default_value' => $config->get('password_strength'),
);
form_load_include($form_state, 'inc', 'user', 'user.pages'); form_load_include($form_state, 'inc', 'user', 'user.pages');
$form['registration_cancellation']['user_cancel_method'] = array( $form['registration_cancellation']['user_cancel_method'] = array(
'#type' => 'radios', '#type' => 'radios',
@ -631,6 +636,7 @@ function user_admin_settings_submit($form, &$form_state) {
->set('anonymous', $form_state['values']['anonymous']) ->set('anonymous', $form_state['values']['anonymous'])
->set('admin_role', $form_state['values']['user_admin_role']) ->set('admin_role', $form_state['values']['user_admin_role'])
->set('register', $form_state['values']['user_register']) ->set('register', $form_state['values']['user_register'])
->set('password_strength', $form_state['values']['user_password_strength'])
->set('verify_mail', $form_state['values']['user_email_verification']) ->set('verify_mail', $form_state['values']['user_email_verification'])
->set('signatures', $form_state['values']['user_signatures']) ->set('signatures', $form_state['values']['user_signatures'])
->set('cancel_method', $form_state['values']['user_cancel_method']) ->set('cancel_method', $form_state['values']['user_cancel_method'])

59
core/modules/user/user.js
View File

@ -23,15 +23,27 @@ Drupal.behaviors.password = {
var confirmResult = outerWrapper.find('div.password-confirm'); var confirmResult = outerWrapper.find('div.password-confirm');
var confirmChild = confirmResult.find('span'); var confirmChild = confirmResult.find('span');
// Add the description box. // If the password strength indicator is enabled, add its markup.
if (settings.password.showStrengthIndicator) {
var passwordMeter = '<div class="password-strength"><div class="password-strength-text" aria-live="assertive"></div><div class="password-strength-title">' + translate.strengthTitle + '</div><div class="password-indicator"><div class="indicator"></div></div></div>'; var passwordMeter = '<div class="password-strength"><div class="password-strength-text" aria-live="assertive"></div><div class="password-strength-title">' + translate.strengthTitle + '</div><div class="password-indicator"><div class="indicator"></div></div></div>';
confirmInput.parent().after('<div class="password-suggestions description"></div>'); confirmInput.parent().after('<div class="password-suggestions description"></div>');
innerWrapper.append(passwordMeter); innerWrapper.prepend(passwordMeter);
var passwordDescription = outerWrapper.find('div.password-suggestions').hide(); var passwordDescription = outerWrapper.find('div.password-suggestions').hide();
}
// Check that password and confirmation inputs match.
var passwordCheckMatch = function (confirmInputVal) {
var success = passwordInput.val() === confirmInputVal;
var confirmClass = success ? 'ok' : 'error';
// Fill in the success message and set the class accordingly.
confirmChild.html(translate['confirm' + (success ? 'Success' : 'Failure')])
.removeClass('ok error').addClass(confirmClass);
};
// Check the password strength. // Check the password strength.
var passwordCheck = function () { var passwordCheck = function () {
if (settings.password.showStrengthIndicator) {
// Evaluate the password strength. // Evaluate the password strength.
var result = Drupal.evaluatePasswordStrength(passwordInput.val(), settings.password); var result = Drupal.evaluatePasswordStrength(passwordInput.val(), settings.password);
@ -40,13 +52,8 @@ Drupal.behaviors.password = {
passwordDescription.html(result.message); passwordDescription.html(result.message);
} }
// Only show the description box if there is a weakness in the password. // Only show the description box if a weakness exists in the password.
if (result.strength === 100) { result.strength === 100 ? passwordDescription.hide() : passwordDescription.show();
passwordDescription.hide();
}
else {
passwordDescription.show();
}
// Adjust the length of the strength indicator. // Adjust the length of the strength indicator.
innerWrapper.find('.indicator') innerWrapper.find('.indicator')
@ -55,38 +62,22 @@ Drupal.behaviors.password = {
// Update the strength indication text. // Update the strength indication text.
innerWrapper.find('.password-strength-text').html(result.indicatorText); innerWrapper.find('.password-strength-text').html(result.indicatorText);
passwordCheckMatch();
};
// Check that password and confirmation inputs match.
var passwordCheckMatch = function () {
if (confirmInput.val()) {
var success = passwordInput.val() === confirmInput.val();
// Show the confirm result.
confirmResult.css({ visibility: 'visible' });
// Remove the previous styling if any exists.
if (this.confirmClass) {
confirmChild.removeClass(this.confirmClass);
} }
// Fill in the success message and set the class accordingly. // Check the value in the confirm input and show results.
var confirmClass = success ? 'ok' : 'error'; if (confirmInput.val()) {
confirmChild.html(translate['confirm' + (success ? 'Success' : 'Failure')]).addClass(confirmClass); passwordCheckMatch(confirmInput.val());
this.confirmClass = confirmClass; confirmResult.css({ visibility: 'visible' });
} }
else { else {
confirmResult.css({ visibility: 'hidden' }); confirmResult.css({ visibility: 'hidden' });
} }
}; };
// Monitor keyup and blur events. // Monitor input events.
// Blur must be used because a mouse paste does not trigger keyup. $.each([passwordInput, confirmInput], function () {
passwordInput.keyup(passwordCheck).focus(passwordCheck).blur(passwordCheck); this.bind('input', passwordCheck);
confirmInput.keyup(passwordCheckMatch).blur(passwordCheckMatch); });
}); });
} }
}; };

23
core/modules/user/user.module
View File

@ -2440,10 +2440,18 @@ function _user_mail_notify($op, $account, $langcode = NULL) {
* @see system_element_info() * @see system_element_info()
*/ */
function user_form_process_password_confirm($element) { function user_form_process_password_confirm($element) {
global $user; $password_settings = array(
'confirmTitle' => t('Passwords match:'),
'confirmSuccess' => t('yes'),
'confirmFailure' => t('no'),
'showStrengthIndicator' => FALSE,
);
$js_settings = array( if (config('user.settings')->get('password_strength')) {
'password' => array(
global $user;
$password_settings['showStrengthIndicator'] = TRUE;
$password_settings += array(
'strengthTitle' => t('Password strength:'), 'strengthTitle' => t('Password strength:'),
'hasWeaknesses' => t('To make your password stronger:'), 'hasWeaknesses' => t('To make your password stronger:'),
'tooShort' => t('Make it at least 6 characters'), 'tooShort' => t('Make it at least 6 characters'),
@ -2452,15 +2460,16 @@ function user_form_process_password_confirm($element) {
'addNumbers' => t('Add numbers'), 'addNumbers' => t('Add numbers'),
'addPunctuation' => t('Add punctuation'), 'addPunctuation' => t('Add punctuation'),
'sameAsUsername' => t('Make it different from your username'), 'sameAsUsername' => t('Make it different from your username'),
'confirmSuccess' => t('yes'),
'confirmFailure' => t('no'),
'weak' => t('Weak'), 'weak' => t('Weak'),
'fair' => t('Fair'), 'fair' => t('Fair'),
'good' => t('Good'), 'good' => t('Good'),
'strong' => t('Strong'), 'strong' => t('Strong'),
'confirmTitle' => t('Passwords match:'),
'username' => (isset($user->name) ? $user->name : ''), 'username' => (isset($user->name) ? $user->name : ''),
), );
}
$js_settings = array(
'password' => $password_settings,
); );
$element['#attached']['library'][] = array('user', 'drupal.user'); $element['#attached']['library'][] = array('user', 'drupal.user');