Mamanyonyo/akashi-esquizolandia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #128 from AttorneyOnline/password-requirements

Browse Source 
Add password requirements
This commit is contained in:
scatterflower 2021-06-06 14:08:33 -05:00 committed by GitHub
commit 4c32cf86cc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 131 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
bin/config_sample/config.ini
View File

@ -31,3 +31,12 @@ webhook_enabled=false
webhook_url=Your webhook url here. webhook_url=Your webhook url here.
webhook_sendfile=false webhook_sendfile=false
webhook_content= webhook_content=
[Password]
password_requirements = true
pass_min_length = 8
pass_max_length = 0
pass_required_mix_case = true
pass_required_numbers = true
pass_required_special = true
pass_can_contain_username = false

17
core/include/aoclient.h
View File

@ -1878,6 +1878,23 @@ class AOClient : public QObject {
*/ */
QStringList updateStatement(QStringList packet); QStringList updateStatement(QStringList packet);
/**
* @brief Called when area enum is set to PLAYBACK. Sends the IC-Message stored at the current statement.
* @return IC-Message stored in the QVector.
*/
QStringList playTestimony();
/**
* @brief Checks if a password meets the server's password requirements.
*
* @param username The chosen username.
*
* @param password The password to check.
*
* @return True if the password meets the requirements, otherwise false.
*/
bool checkPasswordRequirements(QString username, QString password);
///@} ///@}
/** /**

35
core/include/server.h
View File

@ -318,6 +318,41 @@ class Server : public QObject {
*/ */
int message_floodguard; int message_floodguard;
/**
* @brief Whether password requirements are enabled.
*/
bool password_requirements = true;
/**
* @brief The minimum length passwords can be.
*/
int password_minimum_length;
/**
* @brief The maximum length passwords can be.
*/
int password_maximum_length;
/**
* @brief Whether passwords must be mixed case.
*/
bool password_require_mixed_case = true;
/**
* @brief Whether passwords must contain numbers.
*/
bool password_require_numbers = true;
/**
* @brief Whether passwords must contain special characters.
*/
bool password_require_special_characters = true;
/**
* @brief Whether passwords can contain the associated username.
*/
bool password_can_contain_username = false;
/** /**
* @brief URL send to the client during handshake to set the remote repository URL. * @brief URL send to the client during handshake to set the remote repository URL.
*/ */

14
core/src/commands/authentication.cpp
View File

@ -57,6 +57,11 @@ void AOClient::cmdSetRootPass(int argc, QStringList argv)
if (!change_auth_started) if (!change_auth_started)
return; return;
if (!checkPasswordRequirements("root", argv[0])) {
sendServerMessage("Password does not meet server requirements.");
return;
}
sendServerMessage("Changing auth type and setting root password.\nLogin again with /login root [password]"); sendServerMessage("Changing auth type and setting root password.\nLogin again with /login root [password]");
authenticated = false; authenticated = false;
QSettings settings("config/config.ini", QSettings::IniFormat); QSettings settings("config/config.ini", QSettings::IniFormat);
@ -79,6 +84,10 @@ void AOClient::cmdSetRootPass(int argc, QStringList argv)
void AOClient::cmdAddUser(int argc, QStringList argv) void AOClient::cmdAddUser(int argc, QStringList argv)
{ {
if (!checkPasswordRequirements(argv[0], argv[1])) {
sendServerMessage("Password does not meet server requirements.");
return;
}
#if QT_VERSION < QT_VERSION_CHECK(5, 10, 0) #if QT_VERSION < QT_VERSION_CHECK(5, 10, 0)
qsrand(QDateTime::currentMSecsSinceEpoch()); qsrand(QDateTime::currentMSecsSinceEpoch());
quint32 upper_salt = qrand(); quint32 upper_salt = qrand();
@ -254,6 +263,11 @@ void AOClient::cmdChangePassword(int argc, QStringList argv)
return; return;
} }
if (!checkPasswordRequirements(username, password)) {
sendServerMessage("Password does not meet server requirements.");
return;
}
if (server->db_manager->updatePassword(username, password)) { if (server->db_manager->updatePassword(username, password)) {
sendServerMessage("Successfully changed password."); sendServerMessage("Successfully changed password.");
} }

37
core/src/commands/command_helper.cpp
View File

@ -169,3 +169,40 @@ QString AOClient::getReprimand(bool positive)
return server->reprimands_list[genRand(0, server->reprimands_list.size() - 1)]; return server->reprimands_list[genRand(0, server->reprimands_list.size() - 1)];
} }
} }
bool AOClient::checkPasswordRequirements(QString username, QString password)
{
QString decoded_password = decodeMessage(password);
if (!server->password_requirements)
return true;
if (server->password_minimum_length > decoded_password.length())
return false;
if (server->password_maximum_length < decoded_password.length() && server->password_maximum_length != 0)
return false;
else if (server->password_require_mixed_case) {
if (decoded_password.toLower() == decoded_password)
return false;
if (decoded_password.toUpper() == decoded_password)
return false;
}
else if (server->password_require_numbers) {
QRegularExpression regex("[0123456789]");
QRegularExpressionMatch match = regex.match(decoded_password);
if (!match.hasMatch())
return false;
}
else if (server->password_require_special_characters) {
QRegularExpression regex("[~!@#$%^&*_-+=`|\\(){}\[]:;\"'<>,.?/]");
QRegularExpressionMatch match = regex.match(decoded_password);
if (!match.hasMatch())
return false;
}
else if (!server->password_can_contain_username) {
if (decoded_password.contains(username))
return false;
}
return true;
}

19
core/src/server.cpp
View File

@ -313,6 +313,25 @@ void Server::loadServerConfig()
webhook_sendfile = config.value("webhook_sendfile", false).toBool(); webhook_sendfile = config.value("webhook_sendfile", false).toBool();
webhook_content = config.value("webhook_content", "").toString(); webhook_content = config.value("webhook_content", "").toString();
config.endGroup(); config.endGroup();
//Load password configuration
config.beginGroup("Password");
password_requirements = config.value("password_requirements", "false").toBool();
if (password_requirements) {
bool password_minimum_length_conversion_success;
password_minimum_length = config.value("pass_min_length", "8").toInt(&password_minimum_length_conversion_success);
if (!password_minimum_length_conversion_success)
password_minimum_length = 8;
bool password_maximum_length_conversion_success;
password_maximum_length = config.value("pass_max_length", "16").toInt(&password_maximum_length_conversion_success);
if (!password_minimum_length_conversion_success)
password_maximum_length = 16;
password_require_mixed_case = config.value("pass_require_mix_case", "true").toBool();
password_require_numbers = config.value("pass_require_numbers", "true").toBool();
password_require_special_characters = config.value("pass_require_special", "true").toBool();
password_can_contain_username = config.value("pass_can_contain_username", "false").toBool();
}
config.endGroup();
} }
void Server::allowMessage() void Server::allowMessage()