Mercurial > prosody-modules
changeset 4833:15cf32e666da
mod_invites_register_web: Add mod_password_policy checks for web registration
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Wed, 22 Dec 2021 15:05:31 +0000 |
parents | bfd4af4caddc |
children | 7ed2467c9bb5 |
files | mod_invites_register_web/README.markdown mod_invites_register_web/html/register.html mod_invites_register_web/mod_invites_register_web.lua |
diffstat | 3 files changed, 30 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_invites_register_web/README.markdown Wed Dec 22 14:48:46 2021 +0000 +++ b/mod_invites_register_web/README.markdown Wed Dec 22 15:05:31 2021 +0000 @@ -6,6 +6,7 @@ dependencies: - mod_invites - mod_invites_page + - mod_password_policy - mod_register_apps build: copy_directories: @@ -44,3 +45,8 @@ This module depends on mod_invites_page solely for the case where an invalid invite token is received - it will redirect to mod_invites_page so that an appropriate error can be served to the user. + +The module also depends on [mod_password_policy] (which will be automatically +loaded). As a consequence of this module being loaded, the default password +policies will be enforced for all registrations on the server if not +explicitly loaded or configured.
--- a/mod_invites_register_web/html/register.html Wed Dec 22 14:48:46 2021 +0000 +++ b/mod_invites_register_web/html/register.html Wed Dec 22 15:05:31 2021 +0000 @@ -69,7 +69,7 @@ <label for="password" class="col-md-4 col-lg-12 col-form-label">Password:</label> <div class="col-md-8 col-lg-12"> <input type="password" name="password" class="form-control" aria-describedby="passwordHelp" - autocomplete="new-password" + autocomplete="new-password" required minlength="{password_policy.length}" > <small id="passwordHelp" class="form-text text-muted">Enter a secure password that you do not use anywhere else.</small> </div>
--- a/mod_invites_register_web/mod_invites_register_web.lua Wed Dec 22 14:48:46 2021 +0000 +++ b/mod_invites_register_web/mod_invites_register_web.lua Wed Dec 22 15:05:31 2021 +0000 @@ -16,6 +16,7 @@ }); module:depends("register_apps"); +local mod_password_policy = module:depends("password_policy"); local site_name = module:get_option_string("site_name", module.host); local site_apps = module:shared("register_apps/apps"); @@ -59,6 +60,7 @@ jid = invite.jid; inviter = invite.inviter; app = query_params.c and site_apps[query_params.c]; + password_policy = mod_password_policy.get_policy(); }); return invite_page; end @@ -92,6 +94,7 @@ uri = invite.uri; type = invite.type; jid = invite.jid; + password_policy = mod_password_policy.get_policy(); msg_class = "alert-warning"; message = "Please fill in all fields."; @@ -109,6 +112,7 @@ uri = invite.uri; type = invite.type; jid = invite.jid; + password_policy = mod_password_policy.get_policy(); msg_class = "alert-warning"; message = "This username contains invalid characters."; @@ -123,12 +127,31 @@ uri = invite.uri; type = invite.type; jid = invite.jid; + password_policy = mod_password_policy.get_policy(); msg_class = "alert-warning"; message = "This username is already in use."; }); end + local pw_ok, pw_error = mod_password_policy.check_password(password, { + username = prepped_username; + }); + if not pw_ok then + return render_html_template(register_page_template, { + site_name = site_name; + token = invite.token; + domain = module.host; + uri = invite.uri; + type = invite.type; + jid = invite.jid; + password_policy = mod_password_policy.get_policy(); + + msg_class = "alert-warning"; + message = pw_error; + }); + end + local registering = { validated_invite = invite; username = prepped_username;