garrettmills/commafeed
1
0
Fork 0
forked from Archives/Athou_commafeed
Code Pull Requests Activity

add setting to disable strict password policy (#1059)

Browse Source
This commit is contained in:
Athou
2023-05-31 07:31:40 +02:00
parent bb25e0ede6
commit 5ecf3e0fbf
6 changed files with 32 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
commafeed-server/config.dev.yml
View File

@@ -6,6 +6,9 @@ app:
# wether to allow user registrations # wether to allow user registrations
allowRegistrations: true allowRegistrations: true
# whether to enable strict password validation (1 uppercase char, 1 lowercase char, 1 digit, 1 special char)
strictPasswordPolicy: true
# create a demo account the first time the app starts # create a demo account the first time the app starts
createDemoAccount: true createDemoAccount: true

3
commafeed-server/config.yml.example
View File

@@ -6,6 +6,9 @@ app:
# whether to allow user registrations # whether to allow user registrations
allowRegistrations: false allowRegistrations: false
# whether to enable strict password validation (1 uppercase char, 1 lowercase char, 1 digit, 1 special char)
strictPasswordPolicy: true
# create a demo account the first time the app starts # create a demo account the first time the app starts
createDemoAccount: false createDemoAccount: false

3
commafeed-server/src/main/java/com/commafeed/CommaFeedApplication.java
View File

@@ -33,6 +33,7 @@ import com.commafeed.backend.model.UserSettings;
import com.commafeed.backend.service.DatabaseStartupService; import com.commafeed.backend.service.DatabaseStartupService;
import com.commafeed.backend.service.UserService; import com.commafeed.backend.service.UserService;
import com.commafeed.backend.task.ScheduledTask; import com.commafeed.backend.task.ScheduledTask;
import com.commafeed.frontend.auth.PasswordConstraintValidator;
import com.commafeed.frontend.auth.SecurityCheckFactoryProvider; import com.commafeed.frontend.auth.SecurityCheckFactoryProvider;
import com.commafeed.frontend.resource.AdminREST; import com.commafeed.frontend.resource.AdminREST;
import com.commafeed.frontend.resource.CategoryREST; import com.commafeed.frontend.resource.CategoryREST;
@@ -150,6 +151,8 @@ public class CommaFeedApplication extends Application<CommaFeedConfiguration> {
@Override @Override
public void run(CommaFeedConfiguration config, Environment environment) throws Exception { public void run(CommaFeedConfiguration config, Environment environment) throws Exception {
PasswordConstraintValidator.setStrict(config.getApplicationSettings().getStrictPasswordPolicy());
// guice init // guice init
Injector injector = Guice.createInjector(new CommaFeedModule(hibernateBundle.getSessionFactory(), config, environment.metrics())); Injector injector = Guice.createInjector(new CommaFeedModule(hibernateBundle.getSessionFactory(), config, environment.metrics()));

4
commafeed-server/src/main/java/com/commafeed/CommaFeedConfiguration.java
View File

@@ -69,6 +69,10 @@ public class CommaFeedConfiguration extends Configuration {
@Valid @Valid
private Boolean allowRegistrations; private Boolean allowRegistrations;
@NotNull
@Valid
private Boolean strictPasswordPolicy = true;
@NotNull @NotNull
@Valid @Valid
private Boolean createDemoAccount; private Boolean createDemoAccount;

19
commafeed-server/src/main/java/com/commafeed/frontend/auth/PasswordConstraintValidator.java
View File

@@ -14,8 +14,13 @@ import org.passay.PasswordValidator;
import org.passay.RuleResult; import org.passay.RuleResult;
import org.passay.WhitespaceRule; import org.passay.WhitespaceRule;
import lombok.Setter;
public class PasswordConstraintValidator implements ConstraintValidator<ValidPassword, String> { public class PasswordConstraintValidator implements ConstraintValidator<ValidPassword, String> {
@Setter
private static boolean strict = true;
@Override @Override
public void initialize(ValidPassword constraintAnnotation) { public void initialize(ValidPassword constraintAnnotation) {
// nothing to do // nothing to do
@@ -27,7 +32,7 @@ public class PasswordConstraintValidator implements ConstraintValidator<ValidPas
return true; return true;
} }
PasswordValidator validator = buildPasswordValidator(); PasswordValidator validator = strict ? buildStrictPasswordValidator() : buildLoosePasswordValidator();
RuleResult result = validator.validate(new PasswordData(value)); RuleResult result = validator.validate(new PasswordData(value));
if (result.isValid()) { if (result.isValid()) {
@@ -40,10 +45,10 @@ public class PasswordConstraintValidator implements ConstraintValidator<ValidPas
return false; return false;
} }
private PasswordValidator buildPasswordValidator() { private PasswordValidator buildStrictPasswordValidator() {
return new PasswordValidator( return new PasswordValidator(
// length // length
new LengthRule(8, 128), new LengthRule(8, 256),
// 1 uppercase char // 1 uppercase char
new CharacterRule(EnglishCharacterData.UpperCase, 1), new CharacterRule(EnglishCharacterData.UpperCase, 1),
// 1 lowercase char // 1 lowercase char
@@ -56,4 +61,12 @@ public class PasswordConstraintValidator implements ConstraintValidator<ValidPas
new WhitespaceRule()); new WhitespaceRule());
} }
private PasswordValidator buildLoosePasswordValidator() {
return new PasswordValidator(
// length
new LengthRule(6, 256),
// no whitespace
new WhitespaceRule());
}
} }

3
commafeed-server/src/test/resources/config.test.yml
View File

@@ -6,6 +6,9 @@ app:
# wether to allow user registrations # wether to allow user registrations
allowRegistrations: true allowRegistrations: true
# whether to enable strict password validation (1 uppercase char, 1 lowercase char, 1 digit, 1 special char)
strictPasswordPolicy: true
# create a demo account the first time the app starts # create a demo account the first time the app starts
createDemoAccount: false createDemoAccount: false