]> git.koha-community.org Git - koha.git/commit
Bug 18298: Add server-side checks and refactor stuffs
authorJonathan Druart <jonathan.druart@bugs.koha-community.org>
Fri, 17 Mar 2017 02:03:20 +0000 (23:03 -0300)
committerJonathan Druart <jonathan.druart@bugs.koha-community.org>
Mon, 16 Oct 2017 12:44:32 +0000 (09:44 -0300)
commit3f9da34683d7f87570e73b5c401a1a0e4a8604ac
tree9aa8bb928bd4f09b38e4da2c9b42d2eecd8d71a5
parentf2a1b215dd27c6cb9ed1b45a0613886843c6ba7d
Bug 18298: Add server-side checks and refactor stuffs

Now that we have a check client-side, nothing prevents us from a smart guy to
bypass it and force an invalid password.
This patch adds two new subroutines to Koha::AuthUtils to check the
validity of passwords and generate a password server-side. It is used
only once (self-registration) but could be useful later.

Moreover the 3 different cases of password rejection (too leak, too
short, contains leading or trailing whitespaces) were not tested
everywhere. Now they are!

This patch makes things consistent everywhere and clean up some code.

Signed-off-by: Marc VĂ©ron <veron@veron.ch>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
12 files changed:
Koha/AuthUtils.pm
koha-tmpl/intranet-tmpl/prog/en/modules/members/member-password.tt
koha-tmpl/intranet-tmpl/prog/en/modules/members/memberentrygen.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-memberentry.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-passwd.tt
koha-tmpl/opac-tmpl/bootstrap/en/modules/opac-password-recovery.tt
members/member-password.pl
members/memberentry.pl
opac/opac-memberentry.pl
opac/opac-passwd.pl
opac/opac-password-recovery.pl
t/AuthUtils.t