feat: enhance password validation regex to require special characters; update related templates and scripts

Théophile Diot 2024-12-09 11:59:57 +01:00
parent 4e55b2f61c
commit 6e2f54e6a2
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
6 changed files with 10 additions and 10 deletions


@ -20,10 +20,10 @@ $(document).ready(function () {
isValid,
);
isValid = validateCondition(
/[ -~]/.test(password),
/[^a-zA-Z0-9]/.test(password),
"#special-check i",
isValid,
);
); // Check for special characters
return isValid;
}
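Review bot: The new client-side test `/[^a-zA-Z0-9]/.test(password)` is ASCII-based, while the server-side `USER_PASSWORD_RX` changed in this same commit uses Unicode properties (`\p{Ll}`, `\p{Lu}`, `\P{Alnum}`), so the two can disagree: an accented letter such as `é` counts as special here but is alphanumeric for the server, and the form then accepts a password the backend rejects. The same ASCII class is used in the second script's `validateCondition` call and in the four `pattern="…(?=.*[^a-zA-Z0-9])…"` attributes in the templates. Consider `/[^\p{Alphabetic}\p{Nd}]/u.test(password)`, which is roughly what `\P{Alnum}` means on the server (worth confirming against the regex library in use), and keep the server check authoritative, since these client checks only give user feedback. The enclosing validation function starts outside the hunk.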


@ -46,7 +46,7 @@ $(document).ready(() => {
isValid,
);
isValid = validateCondition(
/[ -~]/.test(password),
/[^a-zA-Z0-9]/.test(password),
"#special-check i",
isValid,
); // Check for special characters


@ -221,7 +221,7 @@
aria-label="New Password"
autocomplete="off"
required
pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[ -~]).{8,}$"
pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z0-9]).{8,}$"
{% if is_readonly %}disabled{% endif %} />
<span class="input-group-text cursor-pointer"><i class="bx bx-hide"></i></span>
</div>


@ -200,7 +200,7 @@
aria-labelledby="label-password"
autocomplete="off"
required
pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[ -~]).{8,}$" />
pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z0-9]).{8,}$" />
<span class="input-group-text cursor-pointer"><i class="bx bx-hide"></i></span>
</div>
</div>
@ -251,7 +251,7 @@
aria-labelledby="label-confirm_password"
autocomplete="off"
required
pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[ -~]).{8,}$" />
pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z0-9]).{8,}$" />
<span class="input-group-text cursor-pointer"><i class="bx bx-hide"></i></span>
</div>
</div>
@ -891,7 +891,7 @@
aria-labelledby="label-overview_password"
autocomplete="off"
readonly
pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[ -~]).{8,}$" />
pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z0-9]).{8,}$" />
<span class="input-group-text cursor-pointer"><i class="bx bx-hide"></i></span>
</div>
</div>


@ -20,7 +20,7 @@ LIB_DIR = Path(sep, "var", "lib", "bunkerweb")
LOGGER = setup_logger("UI", getenv("CUSTOM_LOG_LEVEL", getenv("LOG_LEVEL", "INFO")))
USER_PASSWORD_RX = re_compile(r"^(?=.*?\p{Lowercase_Letter})(?=.*?\p{Uppercase_Letter})(?=.*?\d)(?=.*?[ -~]).{8,}$")
USER_PASSWORD_RX = re_compile(r"^(?=.*\p{Ll})(?=.*\p{Lu})(?=.*\d)(?=.*\P{Alnum}).{8,}$")
PLUGIN_NAME_RX = re_compile(r"^[\w.-]{4,64}$")
COLUMNS_PREFERENCES_DEFAULTS = {
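Review bot: `USER_PASSWORD_RX` deserves a comment stating what the new rule accepts, because `\P{Alnum}` is broader than the example list the old log message gave: any character that is not alphabetic or a digit satisfies it, including a space. I would add above the assignment `# Special = any non-alphanumeric character (whitespace counts); \p{…} classes need the third-party regex module, not stdlib re`. The second half assumes `re_compile` comes from `regex`, whose import is outside this hunk; stdlib `re` would raise on `\p{Ll}` when the module is loaded. A small unit test with one accepted and one rejected password per character class would pin the behaviour, since the previous `[ -~]` class matched letters and digits and so never enforced the special-character rule.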


@ -300,7 +300,7 @@ def on_starting(server):
if env_admin_password and not check_password(env_admin_password, ADMIN_USER["password"]):
if not USER_PASSWORD_RX.match(env_admin_password):
LOGGER.warning(
"The admin password is not strong enough. It must contain at least 8 characters, including at least 1 uppercase letter, 1 lowercase letter, 1 number and 1 special character (#@?!$%^&*-). It will not be updated."
"The admin password is not strong enough. It must contain at least 8 characters, including at least 1 uppercase letter, 1 lowercase letter, 1 number and 1 special character. It will not be updated."
)
else:
ADMIN_USER["password"] = gen_password_hash(env_admin_password)
@ -326,7 +326,7 @@ def on_starting(server):
ERROR_FILE.write_text(message, encoding="utf-8")
exit(1)
elif not USER_PASSWORD_RX.match(env_admin_password):
message = "The admin password is not strong enough. It must contain at least 8 characters, including at least 1 uppercase letter, 1 lowercase letter, 1 number and 1 special character (#@?!$%^&*-)."
message = "The admin password is not strong enough. It must contain at least 8 characters, including at least 1 uppercase letter, 1 lowercase letter, 1 number and 1 special character."
LOGGER.error(message)
ERROR_FILE.write_text(message, encoding="utf-8")
exit(1)
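Review bot: Both messages now say only "1 special character" without defining it, and the `elif not USER_PASSWORD_RX.match(env_admin_password)` branch ends in `exit(1)`, so an admin password that passed the old pattern (whose `[ -~]` class let letters and digits count as special) can now stop startup on whichever path that branch guards, with a message that does not say what is missing. I would end both strings with `1 special character (any character that is not a letter or a digit)` and mention the stricter rule in the upgrade notes. The two literals are near-identical, so a shared constant defined next to `USER_PASSWORD_RX` would keep them from drifting apart. `on_starting` continues outside both hunks.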