comparison mod_password_policy/mod_password_policy.lua @ 4828:56eba4bca28f

mod_password_policy: Allow check_password() to indicate the policy that failed
author Matthew Wild <mwild1@gmail.com>
date Wed, 22 Dec 2021 14:01:53 +0000
parents 662f2722f745
children caf7e88dc9e5
comparison
equal deleted inserted replaced
4827:fe5303da99cb 4828:56eba4bca28f
16 16
17 local st = require "util.stanza"; 17 local st = require "util.stanza";
18 18
19 function check_password(password) 19 function check_password(password)
20 if #password < options.length then 20 if #password < options.length then
21 return nil, ("Password is too short (minimum %d characters)"):format(options.length); 21 return nil, ("Password is too short (minimum %d characters)"):format(options.length), "length";
22 end 22 end
23 return true; 23 return true;
24 end 24 end
25 25
26 function get_policy() 26 function get_policy()
45 end 45 end
46 46
47 table.insert(passwords, query:get_child_text("password")); 47 table.insert(passwords, query:get_child_text("password"));
48 48
49 for _,password in ipairs(passwords) do 49 for _,password in ipairs(passwords) do
50 if password and not check_password(password) then 50 if password then
51 origin.send(st.error_reply(stanza, "cancel", "not-acceptable", "Please use a longer password.")); 51 local pw_ok, pw_err, pw_failed_policy = check_password(password);
52 return true; 52 if not pw_ok then
53 module:log("debug", "Password failed check against '%s' policy", pw_failed_policy);
54 origin.send(st.error_reply(stanza, "cancel", "not-acceptable", pw_err));
55 return true;
56 end
53 end 57 end
54 end 58 end
55 end 59 end
56 end 60 end
57 61