Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-08 15:28:05 +03:00
Code Issues Packages Projects Releases Wiki Activity

ensure to always validate password strength

Browse Source 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2022-12-09 19:44:35 +01:00
parent 9ba468698b
commit af4f54bf11
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/dataprovider/dataprovider.go
View File

@@ -1882,6 +1882,11 @@ func AddUser(user *User, executor, ipAddress string) error {
// UpdateUserPassword updates the user password // UpdateUserPassword updates the user password
func UpdateUserPassword(username, plainPwd, executor, ipAddress string) error { func UpdateUserPassword(username, plainPwd, executor, ipAddress string) error {
if config.PasswordValidation.Users.MinEntropy > 0 {
if err := passwordvalidator.Validate(plainPwd, config.PasswordValidation.Users.MinEntropy); err != nil {
return util.NewValidationError(err.Error())
}
}
hashedPwd, err := hashPlainPassword(plainPwd) hashedPwd, err := hashPlainPassword(plainPwd)
if err != nil { if err != nil {
return util.NewGenericError(fmt.Sprintf("unable to set the new password: %v", err)) return util.NewGenericError(fmt.Sprintf("unable to set the new password: %v", err))