Add configuration flag to disable minimum password requirements
The configuration flag is intentionally long and annoying - the vast majority of people should not need this. The flag is intended to be used in development environments where accounts are often registered with no intention of them sticking around.
This commit is contained in:
Travis Ralston
parent
e8a94ca3cf
commit
c636f890b5
2 changed files with 15 additions and 2 deletions
|
|
@ -76,6 +76,7 @@ module.exports = React.createClass({
|
|||
password: "",
|
||||
passwordConfirm: "",
|
||||
passwordComplexity: null,
|
||||
passwordUnsafe: false,
|
||||
};
|
||||
},
|
||||
|
||||
|
|
@ -270,12 +271,23 @@ module.exports = React.createClass({
|
|||
}
|
||||
const { scorePassword } = await import('../../../utils/PasswordScorer');
|
||||
const complexity = scorePassword(value);
|
||||
const unsafe = complexity.score < PASSWORD_MIN_SCORE;
|
||||
const allowUnsafe = SdkConfig.get()["dangerously_allow_unsafe_and_insecure_passwords"];
|
||||
this.setState({
|
||||
passwordComplexity: complexity,
|
||||
passwordUnsafe: unsafe,
|
||||
});
|
||||
return complexity.score >= PASSWORD_MIN_SCORE;
|
||||
return allowUnsafe || !unsafe;
|
||||
},
|
||||
valid: function() {
|
||||
// Unsafe passwords that are valid are only possible through a
|
||||
// configuration flag. We'll print some helper text to signal
|
||||
// to the user that their password is allowed, but unsafe.
|
||||
if (this.state.passwordUnsafe) {
|
||||
return _t("Password is allowed, but unsafe");
|
||||
}
|
||||
return _t("Nice, strong password!");
|
||||
},
|
||||
valid: () => _t("Nice, strong password!"),
|
||||
invalid: function() {
|
||||
const complexity = this.state.passwordComplexity;
|
||||
if (!complexity) {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue