Baguette
/
dnsmanager-webclient
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Authentication: accept passwords without lower limit on the number of characters.

caa
Philippe PITTOLI 2024-06-28 16:46:15 +02:00
parent d049d99b1f
commit eceeb8c264
2 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/App/Page/Authentication.purs
View File

@ -298,7 +298,7 @@ handleAction = case _ of
H.raise $ Log $ UnableToSend "Write your password!" H.raise $ Log $ UnableToSend "Write your password!"
_, _ -> do _, _ -> do
case L.login login, P.password pass of case L.login login, P.password_on_authentication_page pass of
Left errors, _ -> H.modify_ _ { errors = [ Login errors ] } Left errors, _ -> H.modify_ _ { errors = [ Login errors ] }
_, Left errors -> H.modify_ _ { errors = [ Password errors ] } _, Left errors -> H.modify_ _ { errors = [ Password errors ] }
_, _ -> do H.modify_ _ { errors = [] } _, _ -> do H.modify_ _ { errors = [] }

27
src/App/Validation/Password.purs
View File

@ -25,6 +25,11 @@ min_password_size = 15
max_password_size :: Int max_password_size :: Int
max_password_size = 100 max_password_size = 100
min_password_size_auth :: Int
min_password_size_auth = 0
max_password_size_auth :: Int
max_password_size_auth = 100
parse :: forall e v. G.Parser e v -> String -> ((G.Error e) -> Error) -> V (Array Error) v parse :: forall e v. G.Parser e v -> String -> ((G.Error e) -> Error) -> V (Array Error) v
parse (G.Parser p) str c = case p { string: str, position: 0 } of parse (G.Parser p) str c = case p { string: str, position: 0 } of
Left x -> invalid $ [c x] Left x -> invalid $ [c x]
@ -35,9 +40,25 @@ password_parser = do
l <- G.many1 (vchar <|> G.char ' ') G.<:> \_ -> CannotParse l <- G.many1 (vchar <|> G.char ' ') G.<:> \_ -> CannotParse
_ <- SomeParsers.eof G.<:> \_ -> CannotEntirelyParse _ <- SomeParsers.eof G.<:> \_ -> CannotEntirelyParse
pos <- G.current_position pos <- G.current_position
if pos < min_password_size || pos > max_password_size if between min_password_size max_password_size pos
then G.Parser \i -> G.failureError i.position (Just $ Size min_password_size max_password_size pos) then pure $ CU.fromCharArray l
else pure $ CU.fromCharArray l else G.Parser \i -> G.failureError i.position (Just $ Size min_password_size max_password_size pos)
-- The only change actually is the size of the accepted password.
password_auth_parser :: G.Parser PasswordParsingError String
password_auth_parser = do
l <- G.many1 (vchar <|> G.char ' ') G.<:> \_ -> CannotParse
_ <- SomeParsers.eof G.<:> \_ -> CannotEntirelyParse
pos <- G.current_position
if between min_password_size_auth max_password_size_auth pos
then pure $ CU.fromCharArray l
else G.Parser \i -> G.failureError i.position (Just $ Size min_password_size_auth max_password_size_auth pos)
password :: String -> Either (Array Error) String password :: String -> Either (Array Error) String
password s = toEither $ parse password_parser s ParsingError password s = toEither $ parse password_parser s ParsingError
-- | The password on the authentication page is a little different because
-- | migrated accounts may not follow the rules for new clients as seen on the
-- | registration page.
password_on_authentication_page :: String -> Either (Array Error) String
password_on_authentication_page s = toEither $ parse password_auth_parser s ParsingError