comparison mod_password_reset/mod_password_reset.lua @ 3355:3bc68057f232

mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
author Matthew Wild <mwild1@gmail.com>
date Tue, 09 Oct 2018 14:12:45 +0100
parents e8d6f602f382
children b059a3fb2a58
comparison
equal deleted inserted replaced
3354:7cede636b3d5 3355:3bc68057f232
14 14
15 local max_token_age = module:get_option_number("password_reset_validity", 86400); 15 local max_token_age = module:get_option_number("password_reset_validity", 86400);
16 16
17 local serve = module:depends"http_files".serve; 17 local serve = module:depends"http_files".serve;
18 18
19 module:depends"adhoc"; 19 module:depends("adhoc");
20 module:depends"http"; 20 module:depends("http");
21 local password_policy = module:depends("password_policy");
21 22
22 local form_template = assert(module:load_resource("password_reset/password_reset.html")):read("*a"); 23 local form_template = assert(module:load_resource("password_reset/password_reset.html")):read("*a");
23 local result_template = assert(module:load_resource("password_reset/password_result.html")):read("*a"); 24 local result_template = assert(module:load_resource("password_reset/password_result.html")):read("*a");
24 25
25 function generate_page(event) 26 function generate_page(event)
36 end 37 end
37 38
38 return apply_template(form_template, { 39 return apply_template(form_template, {
39 jid = reset_info.user.."@"..module.host; 40 jid = reset_info.user.."@"..module.host;
40 token = token; 41 token = token;
42 min_password_length = password_policy.get_policy().length;
41 }); 43 });
42 end 44 end
43 45
44 function handle_form(event) 46 function handle_form(event)
45 local request, response = event.request, event.response; 47 local request, response = event.request, event.response;
50 52
51 response.headers.content_type = "text/html; charset=utf-8"; 53 response.headers.content_type = "text/html; charset=utf-8";
52 54
53 if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then 55 if not reset_info or os.difftime(os.time(), reset_info.generated_at) > max_token_age then
54 return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." }) 56 return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." })
57 end
58
59 local policy_ok, policy_err = password_policy.check_password(password);
60 if not policy_ok then
61 return apply_template(form_template, {
62 classes = "alert-danger", message = "Unsuitable password: "..policy_err;
63 jid = reset_info.user.."@"..module.host;
64 token = token;
65 min_password_length = password_policy.get_policy().length;
66 })
55 end 67 end
56 68
57 local ok, err = usermanager.set_password(reset_info.user, password, module.host); 69 local ok, err = usermanager.set_password(reset_info.user, password, module.host);
58 70
59 if ok then 71 if ok then