IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

update password check, allow every special char (everything what isn't a-z, A-Z or 0-9)

Browse Source
This commit is contained in:
einhornimmond 2021-09-23 18:08:30 +02:00
parent 536e97f8a6
commit 1b3ff38ed7
4 changed files with 11 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
login_server/src/LOCALE/de_DE.mo
View File

Binary file not shown.

13
login_server/src/LOCALE/de_DE.po
View File

@ -7,8 +7,8 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: \n" "Project-Id-Version: \n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-06-21 13:37+0200\n" "POT-Creation-Date: 2021-09-23 17:56+0200\n"
"PO-Revision-Date: 2021-06-21 13:38+0200\n" "PO-Revision-Date: 2021-09-23 17:59+0200\n"
"Last-Translator: \n" "Last-Translator: \n"
"Language-Team: \n" "Language-Team: \n"
"Language: de_DE\n" "Language: de_DE\n"
@ -455,11 +455,10 @@ msgstr "Gradido: Passwort zurücksetzen"
#: src/cpp/SingletonManager/SessionManager.cpp:604 #: src/cpp/SingletonManager/SessionManager.cpp:604
msgid "" msgid ""
"Please enter a valid password with at least 8 characters, upper and lower " "Please enter a valid password with at least 8 characters, upper and lower "
"case letters, at least one number and one special character (@$!%*?&+-_)!" "case letters, at least one number and one special character!"
msgstr "" msgstr ""
"Bitte gebe ein gültiges Password ein mit mindestens 8 Zeichen, Groß- und " "Bitte gebe ein gültiges Password ein mit mindestens 8 Zeichen, Groß- und "
"Kleinbuchstaben, mindestens einer Zahl und einem Sonderzeichen (@$!%*?&+-_) " "Kleinbuchstaben, mindestens einer Zahl und einem Sonderzeichen ein!"
"ein!"
#: src/cpp/SingletonManager/SessionManager.cpp:610 #: src/cpp/SingletonManager/SessionManager.cpp:610
msgid "Your password is to short!" msgid "Your password is to short!"
@ -478,8 +477,8 @@ msgid "Your password does not contain any number!"
msgstr "Dein Passwort enthält keine Zahlen!" msgstr "Dein Passwort enthält keine Zahlen!"
#: src/cpp/SingletonManager/SessionManager.cpp:630 #: src/cpp/SingletonManager/SessionManager.cpp:630
msgid "Your password does not contain special characters (@$!%*?&+-)!" msgid "Your password does not contain special characters!"
msgstr "Dein Passwort enthält keine Sonderzeichen (@$!%*?&+-)!" msgstr "Dein Passwort enthält keine Sonderzeichen!"
#~ msgid "Account" #~ msgid "Account"
#~ msgstr "Konto" #~ msgstr "Konto"

8
login_server/src/cpp/SingletonManager/SessionManager.cpp
View File

@ -46,7 +46,7 @@ bool SessionManager::init()
case VALIDATE_NAME: mValidations[i] = new Poco::RegularExpression("^[^<>&;]{2,}$"); break; case VALIDATE_NAME: mValidations[i] = new Poco::RegularExpression("^[^<>&;]{2,}$"); break;
case VALIDATE_USERNAME: mValidations[i] = new Poco::RegularExpression("^[a-zA-Z][a-zA-Z0-9_-]*$"); break; case VALIDATE_USERNAME: mValidations[i] = new Poco::RegularExpression("^[a-zA-Z][a-zA-Z0-9_-]*$"); break;
case VALIDATE_EMAIL: mValidations[i] = new Poco::RegularExpression("^[a-zA-Z0-9.!#$%&?*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$"); break; case VALIDATE_EMAIL: mValidations[i] = new Poco::RegularExpression("^[a-zA-Z0-9.!#$%&?*+/=?^_`{|}~-]+@[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)*$"); break;
case VALIDATE_PASSWORD: mValidations[i] = new Poco::RegularExpression("^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[@$!%*?&+-_])[A-Za-z0-9@$!%*?&+-_]{8,}$"); break; case VALIDATE_PASSWORD: mValidations[i] = new Poco::RegularExpression("^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[^a-zA-Z0-9]).{8,}$"); break;
case VALIDATE_PASSPHRASE: mValidations[i] = new Poco::RegularExpression("^(?:[a-z]* ){23}[a-z]*\s*$"); break; case VALIDATE_PASSPHRASE: mValidations[i] = new Poco::RegularExpression("^(?:[a-z]* ){23}[a-z]*\s*$"); break;
case VALIDATE_GROUP_ALIAS: mValidations[i] = new Poco::RegularExpression("^[a-z0-9-]{3,120}"); break; case VALIDATE_GROUP_ALIAS: mValidations[i] = new Poco::RegularExpression("^[a-z0-9-]{3,120}"); break;
case VALIDATE_HEDERA_ID: mValidations[i] = new Poco::RegularExpression("^[0-9]*\.[0-9]*\.[0-9]\.$"); break; case VALIDATE_HEDERA_ID: mValidations[i] = new Poco::RegularExpression("^[0-9]*\.[0-9]*\.[0-9]\.$"); break;
@ -56,7 +56,7 @@ bool SessionManager::init()
case VALIDATE_ONLY_HEX: mValidations[i] = new Poco::RegularExpression("^(0x)?[a-fA-F0-9]*$"); break; case VALIDATE_ONLY_HEX: mValidations[i] = new Poco::RegularExpression("^(0x)?[a-fA-F0-9]*$"); break;
//case VALIDATE_ONLY_URL: mValidations[i] = new Poco::RegularExpression("^https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}$"); break; //case VALIDATE_ONLY_URL: mValidations[i] = new Poco::RegularExpression("^https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\.[a-zA-Z0-9()]{1,6}$"); break;
case VALIDATE_ONLY_URL: mValidations[i] = new Poco::RegularExpression("^https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\/?"); break; case VALIDATE_ONLY_URL: mValidations[i] = new Poco::RegularExpression("^https?:\/\/(www\.)?[-a-zA-Z0-9@:%._\+~#=]{1,256}\/?"); break;
case VALIDATE_HAS_SPECIAL_CHARACTER: mValidations[i] = new Poco::RegularExpression(".*[@$!%*?&+-].*"); break; case VALIDATE_HAS_SPECIAL_CHARACTER: mValidations[i] = new Poco::RegularExpression(".*[^a-zA-Z0-9].*"); break;
case VALIDATE_HAS_UPPERCASE_LETTER: case VALIDATE_HAS_UPPERCASE_LETTER:
mValidations[i] = new Poco::RegularExpression(".*[A-Z].*"); mValidations[i] = new Poco::RegularExpression(".*[A-Z].*");
ServerConfig::g_ServerKeySeed->put(i, DRRandom::r64()); ServerConfig::g_ServerKeySeed->put(i, DRRandom::r64());
@ -601,7 +601,7 @@ bool SessionManager::checkPwdValidation(const std::string& pwd, NotificationList
if (!isValid(pwd, VALIDATE_PASSWORD)) { if (!isValid(pwd, VALIDATE_PASSWORD)) {
errorReciver->addError(new Error( errorReciver->addError(new Error(
lang->gettext("Password"), lang->gettext("Password"),
lang->gettext("Please enter a valid password with at least 8 characters, upper and lower case letters, at least one number and one special character (@$!%*?&+-_)!"))); lang->gettext("Please enter a valid password with at least 8 characters, upper and lower case letters, at least one number and one special character!")));
// @$!%*?&+- // @$!%*?&+-
if (pwd.size() < 8) { if (pwd.size() < 8) {
@ -627,7 +627,7 @@ bool SessionManager::checkPwdValidation(const std::string& pwd, NotificationList
else if (!isValid(pwd, VALIDATE_HAS_SPECIAL_CHARACTER)) { else if (!isValid(pwd, VALIDATE_HAS_SPECIAL_CHARACTER)) {
errorReciver->addError(new Error( errorReciver->addError(new Error(
lang->gettext("Password"), lang->gettext("Password"),
lang->gettext("Your password does not contain special characters (@$!%*?&+-)!"))); lang->gettext("Your password does not contain special characters!")));
} }
return false; return false;

2
login_server/src/cpsp/UserUpdatePassword.cpsp
View File

@ -85,7 +85,7 @@ enum PageState {
<form method="POST"> <form method="POST">
<p> <p>
Bitte denke dir ein sicheres Passwort aus, das mindestens 8 Zeichen lang ist, einen Klein- und einen Gro&szlig;buchstaben enth&auml;lt, Bitte denke dir ein sicheres Passwort aus, das mindestens 8 Zeichen lang ist, einen Klein- und einen Gro&szlig;buchstaben enth&auml;lt,
eine Zahl und eines der folgenden Sonderzeichen: @$!%*?&+- eine Zahl und ein Sonderzeichen.
</p> </p>
<label class="form-label" for="register-password">Passwort</label> <label class="form-label" for="register-password">Passwort</label>
<input class="form-control" id="register-password" type="password" name="register-password"/> <input class="form-control" id="register-password" type="password" name="register-password"/>