add option unsecure.allow_all_passwords to disable password restrictions and allow any type of passwords (even empty ones)

einhornimmond 2021-02-26 16:25:00 +01:00 committed by Ulf Gebhardt
parent 30ff0a84ef
commit a567bd3780
No known key found for this signature in database
GPG Key ID: 81308EFE29ABFEBD
4 changed files with 105 additions and 97 deletions


@ -51,7 +51,7 @@ Poco::JSON::Object* JsonCreateUser::handle(Poco::Dynamic::Var params)
if (password.size()) { if (password.size()) {
ErrorList errors; ErrorList errors;
if (!sm->checkPwdValidation(password, &errors)) { if (!(ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_ALLOW_ALL_PASSWORDS) && !sm->checkPwdValidation(password, &errors)) {
Poco::JSON::Object* result = new Poco::JSON::Object; Poco::JSON::Object* result = new Poco::JSON::Object;
result->set("state", "error"); result->set("state", "error");
result->set("msg", errors.getLastError()->getString(false)); result->set("msg", errors.getLastError()->getString(false));
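Review bot: The flag test is wired into this one call site only, so any other path that sets or changes a password (none is visible in this section) would still enforce `checkPwdValidation`, and the option would behave inconsistently. Testing the flag at a single decision point, for example at the top of `checkPwdValidation` itself, would keep the bypass in one auditable place. The commit title also promises that empty passwords are accepted, but the surrounding `if (password.size())` still skips this whole block for an empty password, so that case is decided by code outside the hunk and is worth confirming. For readability the condition could be split, e.g. `const bool skipPwdCheck = (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_ALLOW_ALL_PASSWORDS) != 0;` followed by `if (!skipPwdCheck && !sm->checkPwdValidation(password, &errors)) {`.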


@ -37,6 +37,10 @@ void JsonRequestHandler::handleRequest(Poco::Net::HTTPServerRequest& request, Po
if (parsedResult.size() != 0) { if (parsedResult.size() != 0) {
json_result = handle(parsedResult); json_result = handle(parsedResult);
} }
else {
json_result = stateError("empty body");
}
} }
else if(method == "GET") { else if(method == "GET") {
Poco::URI uri(request.getURI()); Poco::URI uri(request.getURI());


@ -246,6 +246,9 @@ namespace ServerConfig {
if (cfg.getInt("unsecure.allow_cors_all", 0) == 1) { if (cfg.getInt("unsecure.allow_cors_all", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_CORS_ALL); g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_CORS_ALL);
} }
if (cfg.getInt("unsecure.allow_all_passwords", 0) == 1) {
g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_ALLOW_ALL_PASSWORDS);
}
return true; return true;
} }
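Review bot: Enabling `unsecure.allow_all_passwords` switches off password validation without leaving any trace in the server output, so a test configuration copied to a production host would weaken account security silently. I would emit a warning inside the new `if`, through whatever logger this file already uses, naming the option and stating that password validation is disabled. The added lines also repeat the C-style cast of the lines above; `static_cast<AllowUnsecure>(g_AllowUnsecureFlags | UNSECURE_ALLOW_ALL_PASSWORDS)` is the greppable form. The enclosing function begins outside this hunk.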


@ -44,7 +44,8 @@ namespace ServerConfig {
NOT_UNSECURE = 0, NOT_UNSECURE = 0,
UNSECURE_PASSWORD_REQUESTS = 1, UNSECURE_PASSWORD_REQUESTS = 1,
UNSECURE_AUTO_SIGN_TRANSACTIONS = 2, UNSECURE_AUTO_SIGN_TRANSACTIONS = 2,
UNSECURE_CORS_ALL = 4 UNSECURE_CORS_ALL = 4,
UNSECURE_ALLOW_ALL_PASSWORDS = 8
}; };
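Review bot: The new enumerator carries no comment, and nothing here tells a reader that it disables the password policy rather than relaxing it. I would document it in place, e.g. `UNSECURE_ALLOW_ALL_PASSWORDS = 8 // skip checkPwdValidation when creating users; for test setups only`, and ideally give the three existing flags the same one-line treatment. Since these values are combined with `|`, writing them as `1 << 3` and so on would make the bit-flag intent explicit and the next addition harder to get wrong. The enum declaration starts outside this hunk.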