added graphical hint if password does not match policy
This commit is contained in:
parent
fba01c0ada
commit
662bd53e91
|
@ -2,6 +2,7 @@ June 2014 4.6
|
||||||
- Unix groups: allow to disable membership management
|
- Unix groups: allow to disable membership management
|
||||||
- Extended LAM's internal password policies
|
- Extended LAM's internal password policies
|
||||||
- Lamdaemon: move home directory on server if changed
|
- Lamdaemon: move home directory on server if changed
|
||||||
|
- Password policy check during typing
|
||||||
- LAM Pro:
|
- LAM Pro:
|
||||||
-> Password self reset and user self registration support to set a header text
|
-> Password self reset and user self registration support to set a header text
|
||||||
-> Sudo roles: support latest schema
|
-> Sudo roles: support latest schema
|
||||||
|
|
|
@ -420,6 +420,8 @@ class htmlInputField extends htmlElement {
|
||||||
protected $onKeyPress = null;
|
protected $onKeyPress = null;
|
||||||
/** password field */
|
/** password field */
|
||||||
protected $isPassword = false;
|
protected $isPassword = false;
|
||||||
|
/** check password strength */
|
||||||
|
protected $checkPasswordStrength = false;
|
||||||
/** enabled or disabled */
|
/** enabled or disabled */
|
||||||
protected $isEnabled = true;
|
protected $isEnabled = true;
|
||||||
/** indicates that the value should be saved in obfuscated form */
|
/** indicates that the value should be saved in obfuscated form */
|
||||||
|
@ -588,6 +590,19 @@ class htmlInputField extends htmlElement {
|
||||||
</script>
|
</script>
|
||||||
';
|
';
|
||||||
}
|
}
|
||||||
|
if ($this->checkPasswordStrength) {
|
||||||
|
$ajaxPath = "../templates/misc/ajax.php";
|
||||||
|
if (is_file("../../templates/misc/ajax.php")) {
|
||||||
|
$ajaxPath = "../../templates/misc/ajax.php";
|
||||||
|
}
|
||||||
|
elseif (is_file("../../../templates/misc/ajax.php")) {
|
||||||
|
$ajaxPath = "../../../templates/misc/ajax.php";
|
||||||
|
}
|
||||||
|
echo '<script type="text/javascript">
|
||||||
|
checkPasswordStrength("' . $this->fieldName . '", "' . $ajaxPath . '");
|
||||||
|
</script>
|
||||||
|
';
|
||||||
|
}
|
||||||
if ($this->transient) {
|
if ($this->transient) {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
|
@ -621,9 +636,11 @@ class htmlInputField extends htmlElement {
|
||||||
* Specifies if this is a password field.
|
* Specifies if this is a password field.
|
||||||
*
|
*
|
||||||
* @param boolean $isPassword password field
|
* @param boolean $isPassword password field
|
||||||
|
* @param boolean $checkStrength check if matches password policy (default: false)
|
||||||
*/
|
*/
|
||||||
public function setIsPassword($isPassword) {
|
public function setIsPassword($isPassword, $checkStrength = false) {
|
||||||
$this->isPassword = $isPassword;
|
$this->isPassword = $isPassword;
|
||||||
|
$this->checkPasswordStrength = $checkStrength;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -1042,7 +1042,7 @@ class accountContainer {
|
||||||
// password fields
|
// password fields
|
||||||
$container->addElement(new htmlOutputText(_('Password')));
|
$container->addElement(new htmlOutputText(_('Password')));
|
||||||
$pwdInput1 = new htmlInputField('newPassword1');
|
$pwdInput1 = new htmlInputField('newPassword1');
|
||||||
$pwdInput1->setIsPassword(true);
|
$pwdInput1->setIsPassword(true, true);
|
||||||
$container->addElement($pwdInput1);
|
$container->addElement($pwdInput1);
|
||||||
$container->addElement(new htmlHelpLink('404'), true);
|
$container->addElement(new htmlHelpLink('404'), true);
|
||||||
$container->addElement(new htmlOutputText(_('Repeat password')));
|
$container->addElement(new htmlOutputText(_('Repeat password')));
|
||||||
|
|
|
@ -2528,7 +2528,7 @@ class posixAccount extends baseModule implements passwordService {
|
||||||
$pwdTable = new htmlTable();
|
$pwdTable = new htmlTable();
|
||||||
$pwdTable->colspan = 3;
|
$pwdTable->colspan = 3;
|
||||||
$pwd1 = new htmlTableExtendedInputField($this->getSelfServiceLabel('password', _('New password')), 'posixAccount_password');
|
$pwd1 = new htmlTableExtendedInputField($this->getSelfServiceLabel('password', _('New password')), 'posixAccount_password');
|
||||||
$pwd1->setIsPassword(true);
|
$pwd1->setIsPassword(true, true);
|
||||||
$pwdTable->addElement($pwd1, true);
|
$pwdTable->addElement($pwd1, true);
|
||||||
$pwd2 = new htmlTableExtendedInputField(_('Reenter password'), 'posixAccount_password2');
|
$pwd2 = new htmlTableExtendedInputField(_('Reenter password'), 'posixAccount_password2');
|
||||||
$pwd2->setIsPassword(true);
|
$pwd2->setIsPassword(true);
|
||||||
|
|
|
@ -2263,7 +2263,7 @@ class sambaSamAccount extends baseModule implements passwordService {
|
||||||
$pwdTable = new htmlTable();
|
$pwdTable = new htmlTable();
|
||||||
$pwdTable->colspan = 3;
|
$pwdTable->colspan = 3;
|
||||||
$pwd1 = new htmlTableExtendedInputField($this->getSelfServiceLabel('password', _('New password')), 'sambaSamAccount_password');
|
$pwd1 = new htmlTableExtendedInputField($this->getSelfServiceLabel('password', _('New password')), 'sambaSamAccount_password');
|
||||||
$pwd1->setIsPassword(true);
|
$pwd1->setIsPassword(true, true);
|
||||||
$pwdTable->addElement($pwd1, true);
|
$pwdTable->addElement($pwd1, true);
|
||||||
$pwd2 = new htmlTableExtendedInputField(_('Reenter password'), 'sambaSamAccount_password2');
|
$pwd2 = new htmlTableExtendedInputField(_('Reenter password'), 'sambaSamAccount_password2');
|
||||||
$pwd2->setIsPassword(true);
|
$pwd2->setIsPassword(true);
|
||||||
|
|
|
@ -1709,7 +1709,7 @@ class windowsUser extends baseModule implements passwordService {
|
||||||
$pwdTable = new htmlTable();
|
$pwdTable = new htmlTable();
|
||||||
$pwdTable->colspan = 3;
|
$pwdTable->colspan = 3;
|
||||||
$pwd1 = new htmlTableExtendedInputField($this->getSelfServiceLabel('unicodePwd', _('New password')), 'windowsUser_unicodePwd');
|
$pwd1 = new htmlTableExtendedInputField($this->getSelfServiceLabel('unicodePwd', _('New password')), 'windowsUser_unicodePwd');
|
||||||
$pwd1->setIsPassword(true);
|
$pwd1->setIsPassword(true, true);
|
||||||
$pwdTable->addElement($pwd1, true);
|
$pwdTable->addElement($pwd1, true);
|
||||||
$pwd2 = new htmlTableExtendedInputField(_('Reenter password'), 'windowsUser_unicodePwd2');
|
$pwd2 = new htmlTableExtendedInputField(_('Reenter password'), 'windowsUser_unicodePwd2');
|
||||||
$pwd2->setIsPassword(true);
|
$pwd2->setIsPassword(true);
|
||||||
|
|
|
@ -526,3 +526,49 @@ function checkFieldsHaveSameValues(fieldID, fieldIDReference) {
|
||||||
jQuery(field).keyup(check);
|
jQuery(field).keyup(check);
|
||||||
jQuery(fieldRef).keyup(check);
|
jQuery(fieldRef).keyup(check);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks if the value of the given password field matches LAM's password policy.
|
||||||
|
* Field is marked red if fail and green if ok.
|
||||||
|
*
|
||||||
|
* @param fieldID ID of field to check
|
||||||
|
*/
|
||||||
|
function checkPasswordStrength(fieldID, ajaxURL) {
|
||||||
|
var field = jQuery('#' + fieldID);
|
||||||
|
var check =
|
||||||
|
function() {
|
||||||
|
var value = field.val();
|
||||||
|
var pwdJSON = {
|
||||||
|
"password": value
|
||||||
|
};
|
||||||
|
// make AJAX call
|
||||||
|
jQuery.post(ajaxURL + "?function=passwordStrengthCheck", {jsonInput: pwdJSON}, function(data) {checkPasswordStrengthHandleReply(data, fieldID);}, 'json');
|
||||||
|
};
|
||||||
|
jQuery(field).keyup(check);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Manages the server reply to a password strength check request.
|
||||||
|
*
|
||||||
|
* @param data JSON reply
|
||||||
|
* @param fieldID input field ID
|
||||||
|
*/
|
||||||
|
function checkPasswordStrengthHandleReply(data, fieldID) {
|
||||||
|
var field = jQuery('#' + fieldID);
|
||||||
|
if (data.result == true) {
|
||||||
|
field.removeClass('markFail');
|
||||||
|
field.addClass('markOk');
|
||||||
|
field.prop('title', '');
|
||||||
|
}
|
||||||
|
else if (field.val() == '') {
|
||||||
|
field.removeClass('markFail');
|
||||||
|
field.removeClass('markOk');
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
field.addClass('markFail');
|
||||||
|
field.removeClass('markOk');
|
||||||
|
field.prop('title', data.result);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
$Id$
|
$Id$
|
||||||
|
|
||||||
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
This code is part of LDAP Account Manager (http://www.ldap-account-manager.org/)
|
||||||
Copyright (C) 2011 - 2013 Roland Gruber
|
Copyright (C) 2011 - 2014 Roland Gruber
|
||||||
|
|
||||||
This program is free software; you can redistribute it and/or modify
|
This program is free software; you can redistribute it and/or modify
|
||||||
it under the terms of the GNU General Public License as published by
|
it under the terms of the GNU General Public License as published by
|
||||||
|
@ -38,7 +38,7 @@ if (isset($_GET['selfservice'])) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// return standard JSON response if session expired
|
// return standard JSON response if session expired
|
||||||
if (startSecureSession(false) === false) {
|
if (startSecureSession(false, true) === false) {
|
||||||
echo json_encode(array(
|
echo json_encode(array(
|
||||||
'sessionExpired' => "true"
|
'sessionExpired' => "true"
|
||||||
));
|
));
|
||||||
|
@ -81,6 +81,9 @@ class lamAjax {
|
||||||
if ($function == 'passwordChange') {
|
if ($function == 'passwordChange') {
|
||||||
lamAjax::managePasswordChange($jsonInput);
|
lamAjax::managePasswordChange($jsonInput);
|
||||||
}
|
}
|
||||||
|
elseif ($function == 'passwordStrengthCheck') {
|
||||||
|
lamAjax::checkPasswordStrength($jsonInput);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -93,6 +96,17 @@ class lamAjax {
|
||||||
echo json_encode($return);
|
echo json_encode($return);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks if a password is accepted by LAM's password policy.
|
||||||
|
*
|
||||||
|
* @param array $input input parameters
|
||||||
|
*/
|
||||||
|
public static function checkPasswordStrength($input) {
|
||||||
|
$password = $input['password'];
|
||||||
|
$result = checkPasswordStrength($password, null, null);
|
||||||
|
echo json_encode(array("result" => $result));
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue