Software /
code /
prosody-modules
Diff
mod_password_reset/mod_password_reset.lua @ 3355:3bc68057f232
mod_password_reset: Implement password policy enforcement (requires mod_password_policy)
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Tue, 09 Oct 2018 14:12:45 +0100 |
parent | 3353:e8d6f602f382 |
child | 3549:b059a3fb2a58 |
line wrap: on
line diff
--- a/mod_password_reset/mod_password_reset.lua Tue Oct 09 14:12:03 2018 +0100 +++ b/mod_password_reset/mod_password_reset.lua Tue Oct 09 14:12:45 2018 +0100 @@ -16,8 +16,9 @@ local serve = module:depends"http_files".serve; -module:depends"adhoc"; -module:depends"http"; +module:depends("adhoc"); +module:depends("http"); +local password_policy = module:depends("password_policy"); local form_template = assert(module:load_resource("password_reset/password_reset.html")):read("*a"); local result_template = assert(module:load_resource("password_reset/password_result.html")):read("*a"); @@ -38,6 +39,7 @@ return apply_template(form_template, { jid = reset_info.user.."@"..module.host; token = token; + min_password_length = password_policy.get_policy().length; }); end @@ -54,6 +56,16 @@ return apply_template(result_template, { classes = "alert-danger", message = "This link has expired." }) end + local policy_ok, policy_err = password_policy.check_password(password); + if not policy_ok then + return apply_template(form_template, { + classes = "alert-danger", message = "Unsuitable password: "..policy_err; + jid = reset_info.user.."@"..module.host; + token = token; + min_password_length = password_policy.get_policy().length; + }) + end + local ok, err = usermanager.set_password(reset_info.user, password, module.host); if ok then