Context Navigation

Changeset 246140 in webkit

Timestamp:

Jun 5, 2019 8:20:00 PM (5 years ago)

Author:

commit-queue@webkit.org

Message:

Add support of zxcvbn password strength checker to bugs.webkit.org website.
https://bugs.webkit.org/show_bug.cgi?id=198391
rdar://problem/51278166

Patch by Ling Ho <lingcherd_ho@apple.com> on 2019-06-05
Reviewed by David Kilzer.

(get_param_list):

(REQUIRED_MODULES):

(validate_password_check):

Location:

trunk/Websites/bugs.webkit.org

Files:

-                      r214224
+                      r246140
   },
+  # WEBKIT_CHANGES
+  {
    name => 'password_complexity',
    type => 's',
    choices => [ 'no_constraints', 'mixed_letters', 'letters_numbers',
                 'letters_numbers_specialchars' ],
+                'letters_numbers_specialchars', 'zxcvbn_password_checker' ],
    default => 'no_constraints',
    checker => \&check_multi

-                      r240167
+                      r246140
         # 2.0 is the first version that will work with JSON::RPC.
         version => '2.01',
+    },
+    # WEBKIT_CHANGES
+    {
+        package => 'Data-Password-zxcvbn',
+        module  => 'Data::Password::zxcvbn',
+        version => 0
     },
     );

-                      r214224
+                      r246140
 use URI;
 use URI::QueryParam;
+use Data::Password::zxcvbn qw(password_strength); # WEBKIT_CHANGES
 use parent qw(Bugzilla::Object Exporter);
 …
         return 'password_not_complex'
           if ($password !~ /[[:lower:]]/ || $password !~ /[[:upper:]]/);
+    # WEBKIT_CHANGES
+    } elsif ($complexity_level eq 'zxcvbn_password_checker') {
+        my %opts = (score_for_feedback => 3);
+        my $est_strength = password_strength($password, \%opts);
+        return 'Password is weak. ' . $est_strength->{feedback}->{warning}
+          if ($est_strength->{score} < 4);
+    }

-                      r245261
+                      r246140
+-06-05  Ling Ho  <lingcherd_ho@apple.com>
+        Add support of zxcvbn password strength checker to bugs.webkit.org website.
+        https://bugs.webkit.org/show_bug.cgi?id=198391
+        rdar://problem/51278166
+        Reviewed by David Kilzer.
+        * Bugzilla/Config/Auth.pm:
+        (get_param_list):
+        * Bugzilla/Install/Requirements.pm:
+        (REQUIRED_MODULES):
+        * Bugzilla/User.pm:
+        (validate_password_check):
+        * template/en/default/admin/params/auth.html.tmpl:
+        * template/en/default/global/user-error.html.tmpl:
 -05-13  Jer Noble  <jer.noble@apple.com>

-                      r214224
+                      r246140
     "lower case letter and a number.</li>" _
     "<li>letters_numbers_specialchars - Passwords must contain at least one " _
+    "letter, a number and a special character.</li></ul>"
+    "letter, a number and a special character.</li>" _
+    "<li>zxcvbn_password_checker - Enable zxcvbn strength estimator for password strength checking.</li></ul>" # WEBKIT_CHANGES
   password_check_on_login =>

-                      r214224
+                      r246140
     [% END %]
+  [%# WEBKIT_CHANGES %]
+  [% ELSIF error.search("Password is weak") %]
+    [% title = "Password Is Weak" %]
+    [% error FILTER html %]
+    [% IF locked_user %]
+      You must <a href="token.cgi?a=reqpw&amp;loginname=[% locked_user.email FILTER uri %]&amp;token=[% issue_hash_token(['reqpw']) FILTER uri %]">
+      request a new password</a> in order to log in again.
+    [% END %]
   [% ELSIF error == "password_not_complex" %]
     [% title = "Password Fails Requirements" %]

Note: See TracChangeset for help on using the changeset viewer.