Add configuration flag to disable minimum password requirements
The configuration flag is intentionally long and annoying - the vast majority of people should not need this. The flag is intended to be used in development environments where accounts are often registered with no intention of them sticking around.pull/21833/head
Travis Ralston
parent
e8a94ca3cf
commit
c636f890b5
|
|
@ -76,6 +76,7 @@ module.exports = React.createClass({
|
||||||
password: "",
|
password: "",
|
||||||
passwordConfirm: "",
|
passwordConfirm: "",
|
||||||
passwordComplexity: null,
|
passwordComplexity: null,
|
||||||
|
passwordUnsafe: false,
|
||||||
};
|
};
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
@ -270,12 +271,23 @@ module.exports = React.createClass({
|
||||||
}
|
}
|
||||||
const { scorePassword } = await import('../../../utils/PasswordScorer');
|
const { scorePassword } = await import('../../../utils/PasswordScorer');
|
||||||
const complexity = scorePassword(value);
|
const complexity = scorePassword(value);
|
||||||
|
const unsafe = complexity.score < PASSWORD_MIN_SCORE;
|
||||||
|
const allowUnsafe = SdkConfig.get()["dangerously_allow_unsafe_and_insecure_passwords"];
|
||||||
this.setState({
|
this.setState({
|
||||||
passwordComplexity: complexity,
|
passwordComplexity: complexity,
|
||||||
|
passwordUnsafe: unsafe,
|
||||||
});
|
});
|
||||||
return complexity.score >= PASSWORD_MIN_SCORE;
|
return allowUnsafe || !unsafe;
|
||||||
|
},
|
||||||
|
valid: function() {
|
||||||
|
// Unsafe passwords that are valid are only possible through a
|
||||||
|
// configuration flag. We'll print some helper text to signal
|
||||||
|
// to the user that their password is allowed, but unsafe.
|
||||||
|
if (this.state.passwordUnsafe) {
|
||||||
|
return _t("Password is allowed, but unsafe");
|
||||||
|
}
|
||||||
|
return _t("Nice, strong password!");
|
||||||
},
|
},
|
||||||
valid: () => _t("Nice, strong password!"),
|
|
||||||
invalid: function() {
|
invalid: function() {
|
||||||
const complexity = this.state.passwordComplexity;
|
const complexity = this.state.passwordComplexity;
|
||||||
if (!complexity) {
|
if (!complexity) {
|
||||||
|
|
|
||||||
|
|
@ -1327,6 +1327,7 @@
|
||||||
"Enter email address (required on this homeserver)": "Enter email address (required on this homeserver)",
|
"Enter email address (required on this homeserver)": "Enter email address (required on this homeserver)",
|
||||||
"Doesn't look like a valid email address": "Doesn't look like a valid email address",
|
"Doesn't look like a valid email address": "Doesn't look like a valid email address",
|
||||||
"Enter password": "Enter password",
|
"Enter password": "Enter password",
|
||||||
|
"Password is allowed, but unsafe": "Password is allowed, but unsafe",
|
||||||
"Nice, strong password!": "Nice, strong password!",
|
"Nice, strong password!": "Nice, strong password!",
|
||||||
"Keep going...": "Keep going...",
|
"Keep going...": "Keep going...",
|
||||||
"Passwords don't match": "Passwords don't match",
|
"Passwords don't match": "Passwords don't match",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue