From 19b89f26ce42d93feb8ede024a06f00799ba9adb Mon Sep 17 00:00:00 2001 From: Filip Gralinski Date: Sat, 18 Feb 2017 10:59:27 +0100 Subject: [PATCH] password quality is checked in account settings as well --- Handler/Common.hs | 4 ++-- Handler/YourAccount.hs | 11 +++++++++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/Handler/Common.hs b/Handler/Common.hs index afa7496..379b40f 100644 --- a/Handler/Common.hs +++ b/Handler/Common.hs @@ -49,8 +49,8 @@ minPasswordLength :: Int minPasswordLength = 10 isPasswordAcceptable :: Text -> Bool -isPasswordAcceptable p = length p >= minPasswordLength +isPasswordAcceptable p = length p >= minPasswordLength && (p /= "0123456789") && (p /= "1234567890") tooWeakPasswordMessage :: Handler () tooWeakPasswordMessage = - setMessage $ toHtml ("Password is too weak!!! A password needs to have at least " ++ (show minPasswordLength) ++ " characters") + setMessage $ toHtml ("Password is too weak!!! A password needs to have at least " ++ (show minPasswordLength) ++ " characters.") diff --git a/Handler/YourAccount.hs b/Handler/YourAccount.hs index ad454e4..5815db2 100644 --- a/Handler/YourAccount.hs +++ b/Handler/YourAccount.hs @@ -9,7 +9,7 @@ import Data.Conduit.Binary import qualified Data.ByteString as S import qualified Data.ByteString.Lazy as L -import Handler.Common (passwordConfirmField, updatePassword) +import Handler.Common (passwordConfirmField, updatePassword, isPasswordAcceptable, tooWeakPasswordMessage) getYourAccountR :: Handler Html getYourAccountR = do @@ -32,13 +32,20 @@ postYourAccountR = do _ -> Nothing case accountData of Just (name, localId, mPassword, sshPubKey, avatarFile) -> do - updateUserAccount userId name localId mPassword sshPubKey avatarFile + if checkPassword mPassword + then + updateUserAccount userId name localId mPassword sshPubKey avatarFile + else + tooWeakPasswordMessage Nothing -> do setMessage $ toHtml ("Something went wrong, probably the password did not match" :: Text) defaultLayout $ do setTitle "Your account" $(widgetFile "your-account") +checkPassword :: Maybe Text -> Bool +checkPassword (Just passwd) = isPasswordAcceptable passwd +checkPassword Nothing = False yourAccountForm :: Maybe Text -> Maybe Text -> Maybe Text -> Form (Maybe Text, Maybe Text, Maybe Text, Maybe Text, Maybe FileInfo) yourAccountForm maybeName maybeLocalId maybeSshPubKey = renderBootstrap3 BootstrapBasicForm $ (,,,,)