Incorporated review comments for #5705
parent
aa6c199e98
commit
e247867abf
|
@ -13,6 +13,9 @@ Please consider the following guidelines when selecting a password:
|
|||
|
||||
* Ensure that your password is an adequate length; 6 characters should be the
|
||||
absolute minimum number of characters in the password.
|
||||
* The minimum password length is set by default to six characters. This value
|
||||
can be changed by setting the *PASSWORD_LENGTH_MIN* option to desired length
|
||||
in pgAdmin configuration; see :ref:`config_py` for more information.
|
||||
* Ensure that your password is not open to dictionary attacks. Use a mixture of
|
||||
upper and lower case letters and numerics, and avoid words or names. Consider
|
||||
using the first letter from each word in a phrase that you will remember
|
||||
|
|
|
@ -13,6 +13,9 @@ Please consider the following guidelines when selecting a password:
|
|||
|
||||
* Ensure that your password is an adequate length; 6 characters should be the
|
||||
absolute minimum number of characters in the password.
|
||||
* The minimum password length is set by default to six characters. This value
|
||||
can be changed by setting the *PASSWORD_LENGTH_MIN* option to desired length
|
||||
in pgAdmin configuration; see :ref:`config_py` for more information.
|
||||
* Ensure that your password is not open to dictionary attacks. Use a mixture of
|
||||
upper and lower case letters and numerics, and avoid words or names. Consider
|
||||
using the first letter from each word in a phrase that you will remember
|
||||
|
|
|
@ -193,7 +193,7 @@ ALLOWED_HOSTS = []
|
|||
SECURITY_PASSWORD_HASH = 'pbkdf2_sha512'
|
||||
|
||||
# Minimum password length
|
||||
SECURITY_PASSWORD_LENGTH_MIN = 6
|
||||
PASSWORD_LENGTH_MIN = 6
|
||||
|
||||
# Reverse Proxy parameters
|
||||
# You must tell the middleware how many proxies set each header
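Review bot: The comment `# Minimum password length` above `PASSWORD_LENGTH_MIN = 6` says neither what values are valid nor that the setting was renamed. Going by the 7-to-7 line count, this hunk appears to replace `SECURITY_PASSWORD_LENGTH_MIN`. If that name ever shipped, a deployment that overrides it would silently fall back to 6, so either honour the old name as a fallback or call the rename out in the release notes. I would expand the comment to something like `# Minimum password length (positive integer); used by the setup prompt, the user management dialog and Flask-Security's SECURITY_PASSWORD_LENGTH_MIN.` The default of 6 is also below the 8-character minimum NIST SP 800-63B gives for user-chosen passwords, which is worth stating next to the setting.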
|
||||
|
|
|
@ -350,6 +350,7 @@ def create_app(app_name=None):
|
|||
app.config['SECURITY_MSG_USER_DOES_NOT_EXIST'] = \
|
||||
app.config['SECURITY_MSG_INVALID_PASSWORD'] = \
|
||||
(gettext("Incorrect username or password."), "error")
|
||||
app.config['SECURITY_PASSWORD_LENGTH_MIN'] = config.PASSWORD_LENGTH_MIN
|
||||
|
||||
# Create database connection object and mailer
|
||||
db.init_app(app)
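Review bot: `config.PASSWORD_LENGTH_MIN` is copied into `app.config['SECURITY_PASSWORD_LENGTH_MIN']` without checking that it is a positive integer. With a value of 0 or below, the length checks shown on this page pass for any password, and a non-integer value would raise TypeError in the setup prompt's `len(p1) < config.PASSWORD_LENGTH_MIN`. Failing at startup is clearer, for example `if not isinstance(config.PASSWORD_LENGTH_MIN, int) or config.PASSWORD_LENGTH_MIN < 1: raise ValueError('PASSWORD_LENGTH_MIN must be a positive integer')` placed before the assignment. create_app starts and ends outside this hunk.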
|
||||
|
|
|
@ -627,7 +627,8 @@ def utils():
|
|||
login_url=login_url,
|
||||
username=current_user.username,
|
||||
auth_source=auth_source,
|
||||
heartbeat_timeout=config.SERVER_HEARTBEAT_TIMEOUT
|
||||
heartbeat_timeout=config.SERVER_HEARTBEAT_TIMEOUT,
|
||||
password_length_min=config.PASSWORD_LENGTH_MIN
|
||||
),
|
||||
200, {'Content-Type': MIMETYPE_APP_JS})
|
||||
|
||||
|
|
|
@ -69,6 +69,9 @@ define('pgadmin.browser.utils',
|
|||
/* Server Heartbeat Timeout */
|
||||
pgAdmin['heartbeat_timeout'] = '{{heartbeat_timeout}}';
|
||||
|
||||
/* Minimum password length */
|
||||
pgAdmin['password_length_min'] = '{{password_length_min}}';
|
||||
|
||||
// Define list of nodes on which Query tool option doesn't appears
|
||||
let unsupported_nodes = pgAdmin.unsupported_nodes = [
|
||||
'server_group', 'server', 'coll-tablespace', 'tablespace',
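Review bot: `'{{password_length_min}}'` is rendered inside quotes, so `pgAdmin['password_length_min']` is a string, and the `state.newPassword?.length < minPassLen` comparison in the user management `validate` depends on implicit coercion to a number. That works for a clean integer, but a value that does not parse becomes NaN, the comparison is then always false, and the client-side check is silently skipped. Converting once here makes the type explicit for every consumer: `pgAdmin['password_length_min'] = parseInt('{{password_length_min}}', 10);`. The neighbouring `heartbeat_timeout` line uses the same quoted pattern, so this is a suggestion on style rather than a regression.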
|
||||
|
|
|
@ -55,13 +55,13 @@ def user_info_server():
|
|||
email = input(ENTER_EMAIL_ADDRESS)
|
||||
|
||||
p1, p2 = pprompt()
|
||||
while p1 != p2 or len(p1) < 6:
|
||||
while p1 != p2 or len(p1) < config.PASSWORD_LENGTH_MIN:
|
||||
if p1 != p2:
|
||||
print('Passwords do not match. Please try again.')
|
||||
else:
|
||||
print(
|
||||
'Password must be at least 6 characters. '
|
||||
'Please try again.'
|
||||
'Password must be at least {} characters. '
|
||||
'Please try again.'.format(config.PASSWORD_LENGTH_MIN)
|
||||
)
|
||||
p1, p2 = pprompt()
|
||||
|
||||
|
|
|
@ -133,6 +133,7 @@ class UserManagementCollection extends BaseUISchema {
|
|||
validate(state, setError) {
|
||||
let msg = undefined;
|
||||
let obj = this;
|
||||
let minPassLen = pgAdmin.password_length_min;
|
||||
if (obj.isUserNameEnabled(state) && isEmptyString(state.username)) {
|
||||
msg = gettext('Username cannot be empty');
|
||||
setError('username', msg);
|
||||
|
@ -184,8 +185,8 @@ class UserManagementCollection extends BaseUISchema {
|
|||
msg = gettext('Password cannot be empty for user %s', state.email);
|
||||
setError('newPassword', msg);
|
||||
return true;
|
||||
} else if (state.newPassword?.length < 6) {
|
||||
msg = gettext('Password must be at least 6 characters for user %s', state.email);
|
||||
} else if (state.newPassword?.length < minPassLen) {
|
||||
msg = gettext('Password must be at least %s characters for user %s', minPassLen, state.email);
|
||||
setError('newPassword', msg);
|
||||
return true;
|
||||
} else {
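Review bot: The `minPassLen` check in `validate` runs only in the browser, and no server-side counterpart for user management is visible on this page. If the handler that creates or updates users does not also compare the new password against `config.PASSWORD_LENGTH_MIN`, a request sent directly to the API is not held to the configured minimum. Worth confirming, and adding the check there if it is missing. `validate` starts and ends outside these hunks.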
|
||||
|
|