jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Move password generation into separate file and ensure we generate strong passwords

Browse Source
This commit is contained in:
Johannes Zellner
2016-01-20 15:33:11 +01:00
parent bfa917e057
commit 02ba91f1bb
3 changed files with 49 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/user.js
View File

@@ -31,6 +31,7 @@ var assert = require('assert'),
userdb = require('./userdb.js'),
tokendb = require('./tokendb.js'),
clientdb = require('./clientdb.js'),
validatePassword = require('./password.js').validate,
util = require('util'),
validator = require('validator'),
_ = require('underscore');
@@ -71,9 +72,6 @@ UserError.BAD_PASSWORD = 'Bad password';
UserError.BAD_TOKEN = 'Bad token';
UserError.NOT_ALLOWED = 'Not Allowed';
// http://www.w3resource.com/javascript/form/example4-javascript-form-validation-password.html
var gPasswordTestRegExp = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9])(?!.*\s).{8,20}$/;
function listUsers(callback) {
assert.strictEqual(typeof callback, 'function');
@@ -93,14 +91,6 @@ function validateUsername(username) {
return null;
}
function validatePassword(password) {
assert.strictEqual(typeof password, 'string');
if(!password.match(gPasswordTestRegExp)) return new UserError(UserError.BAD_PASSWORD, 'Password must be 8-20 character with at least one uppercase, one numeric and one special character');
return null;
}
function validateEmail(email) {
assert.strictEqual(typeof email, 'string');