github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 10:54:22 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
c740b42328
discourse/lib/validators/password_validator.rb

21 lines
781 B
Ruby
Raw Normal View History

Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature.
2013-12-21 05:34:34 +08:00
require_dependency "common_passwords/common_passwords"
Move password validation into PasswordValidator
2013-12-20 04:12:03 +08:00
class PasswordValidator < ActiveModel::EachValidator
def validate_each(record, attribute, value)
return unless record.password_required?
if value.nil?
record.errors.add(attribute, :blank)
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length.
2013-12-20 05:15:36 +08:00
elsif value.length < SiteSetting.min_password_length
record.errors.add(attribute, :too_short, count: SiteSetting.min_password_length)
FEATURE: don't allow username and password to be the same
2015-02-26 00:59:57 +08:00
elsif record.username.present? && value == record.username
record.errors.add(attribute, :same_as_username)
fixed password validator on equality with email
2016-01-06 04:43:11 +08:00
elsif record.email.present? && value == record.email
FEATURE: don't allow username and email to be the same
2015-02-28 02:47:43 +08:00
record.errors.add(attribute, :same_as_email)
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature.
2013-12-21 05:34:34 +08:00
elsif SiteSetting.block_common_passwords && CommonPasswords.common_password?(value)
record.errors.add(attribute, :common)
Move password validation into PasswordValidator
2013-12-20 04:12:03 +08:00
end
end
end
Reference in New Issue Copy Permalink