--- a/mod_invites_register_web/README.markdown Wed Dec 22 14:48:46 2021 +0000
+++ b/mod_invites_register_web/README.markdown Wed Dec 22 15:05:31 2021 +0000
@@ -6,6 +6,7 @@
dependencies:
- mod_invites
- mod_invites_page
+ - mod_password_policy
- mod_register_apps
build:
copy_directories:
@@ -44,3 +45,8 @@
This module depends on mod_invites_page solely for the case where an invalid
invite token is received - it will redirect to mod_invites_page so that an
appropriate error can be served to the user.
+
+The module also depends on [mod_password_policy] (which will be automatically
+loaded). As a consequence of this module being loaded, the default password
+policies will be enforced for all registrations on the server if not
+explicitly loaded or configured.
--- a/mod_invites_register_web/html/register.html Wed Dec 22 14:48:46 2021 +0000
+++ b/mod_invites_register_web/html/register.html Wed Dec 22 15:05:31 2021 +0000
@@ -69,7 +69,7 @@
<label for="password" class="col-md-4 col-lg-12 col-form-label">Password:</label>
<div class="col-md-8 col-lg-12">
<input type="password" name="password" class="form-control" aria-describedby="passwordHelp"
- autocomplete="new-password"
+ autocomplete="new-password" required minlength="{password_policy.length}"
>
<small id="passwordHelp" class="form-text text-muted">Enter a secure password that you do not use anywhere else.</small>
</div>
--- a/mod_invites_register_web/mod_invites_register_web.lua Wed Dec 22 14:48:46 2021 +0000
+++ b/mod_invites_register_web/mod_invites_register_web.lua Wed Dec 22 15:05:31 2021 +0000
@@ -16,6 +16,7 @@
});
module:depends("register_apps");
+local mod_password_policy = module:depends("password_policy");
local site_name = module:get_option_string("site_name", module.host);
local site_apps = module:shared("register_apps/apps");
@@ -59,6 +60,7 @@
jid = invite.jid;
inviter = invite.inviter;
app = query_params.c and site_apps[query_params.c];
+ password_policy = mod_password_policy.get_policy();
});
return invite_page;
end
@@ -92,6 +94,7 @@
uri = invite.uri;
type = invite.type;
jid = invite.jid;
+ password_policy = mod_password_policy.get_policy();
msg_class = "alert-warning";
message = "Please fill in all fields.";
@@ -109,6 +112,7 @@
uri = invite.uri;
type = invite.type;
jid = invite.jid;
+ password_policy = mod_password_policy.get_policy();
msg_class = "alert-warning";
message = "This username contains invalid characters.";
@@ -123,12 +127,31 @@
uri = invite.uri;
type = invite.type;
jid = invite.jid;
+ password_policy = mod_password_policy.get_policy();
msg_class = "alert-warning";
message = "This username is already in use.";
});
end
+ local pw_ok, pw_error = mod_password_policy.check_password(password, {
+ username = prepped_username;
+ });
+ if not pw_ok then
+ return render_html_template(register_page_template, {
+ site_name = site_name;
+ token = invite.token;
+ domain = module.host;
+ uri = invite.uri;
+ type = invite.type;
+ jid = invite.jid;
+ password_policy = mod_password_policy.get_policy();
+
+ msg_class = "alert-warning";
+ message = pw_error;
+ });
+ end
+
local registering = {
validated_invite = invite;
username = prepped_username;