Move password generation logic to model code
This commit is contained in:
Girish Ramakrishnan
Generated
-18
@@ -6196,24 +6196,6 @@
|
||||
}
|
||||
}
|
||||
},
|
||||
"password-generator": {
|
||||
"version": "2.2.0",
|
||||
"resolved": "https://registry.npmjs.org/password-generator/-/password-generator-2.2.0.tgz",
|
||||
"integrity": "sha1-/HXP95URCSPgVKWnFiNDMkC/Xkk=",
|
||||
"requires": {
|
||||
"yargs-parser": "8.1.0"
|
||||
},
|
||||
"dependencies": {
|
||||
"yargs-parser": {
|
||||
"version": "8.1.0",
|
||||
"resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-8.1.0.tgz",
|
||||
"integrity": "sha512-yP+6QqN8BmrgW2ggLtTbdrOyBNSI7zBa4IykmiV5R1wl1JWNxQvWhMfMdmzIYtKU7oP3OOInY/tl2ov3BDjnJQ==",
|
||||
"requires": {
|
||||
"camelcase": "4.1.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
},
|
||||
"path-exists": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz",
|
||||
|
||||
@@ -54,7 +54,6 @@
|
||||
"passport-http-bearer": "^1.0.1",
|
||||
"passport-local": "^1.0.0",
|
||||
"passport-oauth2-client-password": "^0.1.2",
|
||||
"password-generator": "^2.2.0",
|
||||
"progress-stream": "^2.0.0",
|
||||
"proxy-middleware": "^0.15.0",
|
||||
"qrcode": "^1.2.0",
|
||||
|
||||
@@ -1,38 +0,0 @@
|
||||
/* jslint node:true */
|
||||
|
||||
'use strict';
|
||||
|
||||
// From https://www.npmjs.com/package/password-generator
|
||||
|
||||
exports = module.exports = {
|
||||
generate: generate
|
||||
};
|
||||
|
||||
var assert = require('assert'),
|
||||
generatePassword = require('password-generator');
|
||||
|
||||
// http://www.w3resource.com/javascript/form/example4-javascript-form-validation-password.html
|
||||
// WARNING!!! if this is changed, the UI parts in the setup and account view have to be adjusted!
|
||||
var gPasswordTestRegExp = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9])(?!.*\s).{8,30}$/;
|
||||
|
||||
var UPPERCASE_RE = /([A-Z])/g;
|
||||
var LOWERCASE_RE = /([a-z])/g;
|
||||
var NUMBER_RE = /([\d])/g;
|
||||
var SPECIAL_CHAR_RE = /([\?\-])/g;
|
||||
|
||||
function isStrongEnough(password) {
|
||||
var uc = password.match(UPPERCASE_RE);
|
||||
var lc = password.match(LOWERCASE_RE);
|
||||
var n = password.match(NUMBER_RE);
|
||||
var sc = password.match(SPECIAL_CHAR_RE);
|
||||
|
||||
return uc && lc && n && sc;
|
||||
}
|
||||
|
||||
function generate() {
|
||||
var password = '';
|
||||
|
||||
while (!isStrongEnough(password)) password = generatePassword(8, false, /[\w\d\?\-]/);
|
||||
|
||||
return password;
|
||||
}
|
||||
+1
-2
@@ -13,7 +13,6 @@ exports = module.exports = {
|
||||
|
||||
var assert = require('assert'),
|
||||
constants = require('../constants.js'),
|
||||
generatePassword = require('../password.js').generate,
|
||||
HttpError = require('connect-lastmile').HttpError,
|
||||
HttpSuccess = require('connect-lastmile').HttpSuccess,
|
||||
users = require('../users.js'),
|
||||
@@ -33,7 +32,7 @@ function create(req, res, next) {
|
||||
if ('displayName' in req.body && typeof req.body.displayName !== 'string') return next(new HttpError(400, 'displayName must be string'));
|
||||
if ('password' in req.body && typeof req.body.password !== 'string') return next(new HttpError(400, 'password must be string'));
|
||||
|
||||
var password = req.body.password || generatePassword();
|
||||
var password = req.body.password || null;
|
||||
var email = req.body.email;
|
||||
var sendInvite = req.body.invite;
|
||||
var username = 'username' in req.body ? req.body.username : null;
|
||||
|
||||
+7
-3
@@ -135,7 +135,7 @@ function removePrivateFields(user) {
|
||||
|
||||
function create(username, password, email, displayName, auditSource, options, callback) {
|
||||
assert(username === null || typeof username === 'string');
|
||||
assert.strictEqual(typeof password, 'string');
|
||||
assert(password === null || typeof password === 'string');
|
||||
assert.strictEqual(typeof email, 'string');
|
||||
assert.strictEqual(typeof displayName, 'string');
|
||||
assert.strictEqual(typeof auditSource, 'object');
|
||||
@@ -157,8 +157,12 @@ function create(username, password, email, displayName, auditSource, options, ca
|
||||
if (error) return callback(error);
|
||||
}
|
||||
|
||||
error = validatePassword(password);
|
||||
if (error) return callback(new UsersError(UsersError.BAD_FIELD, error.message));
|
||||
if (password !== null) {
|
||||
error = validatePassword(password);
|
||||
if (error) return callback(new UsersError(UsersError.BAD_FIELD, error.message));
|
||||
} else {
|
||||
password = hat(8 * 8);
|
||||
}
|
||||
|
||||
email = email.toLowerCase();
|
||||
error = validateEmail(email);
|
||||
|
||||
Reference in New Issue
Block a user