Incorporated review comments for #5705

Pravesh Sharma 2023-02-01 14:24:49 +05:30 committed by GitHub
parent aa6c199e98
commit e247867abf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 19 additions and 7 deletions


@ -13,6 +13,9 @@ Please consider the following guidelines when selecting a password:
* Ensure that your password is an adequate length; 6 characters should be the
absolute minimum number of characters in the password.
* The minimum password length is set by default to six characters. This value
can be changed by setting the *PASSWORD_LENGTH_MIN* option to desired length
in pgAdmin configuration; see :ref:`config_py` for more information.
* Ensure that your password is not open to dictionary attacks. Use a mixture of
upper and lower case letters and numerics, and avoid words or names. Consider
using the first letter from each word in a phrase that you will remember


@ -13,6 +13,9 @@ Please consider the following guidelines when selecting a password:
* Ensure that your password is an adequate length; 6 characters should be the
absolute minimum number of characters in the password.
* The minimum password length is set by default to six characters. This value
can be changed by setting the *PASSWORD_LENGTH_MIN* option to desired length
in pgAdmin configuration; see :ref:`config_py` for more information.
* Ensure that your password is not open to dictionary attacks. Use a mixture of
upper and lower case letters and numerics, and avoid words or names. Consider
using the first letter from each word in a phrase that you will remember


@ -193,7 +193,7 @@ ALLOWED_HOSTS = []
SECURITY_PASSWORD_HASH = 'pbkdf2_sha512'
# Minimum password length
SECURITY_PASSWORD_LENGTH_MIN = 6
PASSWORD_LENGTH_MIN = 6
# Reverse Proxy parameters
# You must tell the middleware how many proxies set each header
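Review bot: Renaming the option from `SECURITY_PASSWORD_LENGTH_MIN` to `PASSWORD_LENGTH_MIN` (assuming the second of the two printed assignments is the new line) leaves any existing local override of the old name without effect, and nothing warns about it. A deployment that had raised the minimum would fall back to the default of 6 after upgrading, because `create_app` now copies only `config.PASSWORD_LENGTH_MIN` into the Flask-Security setting. At minimum the comment should say so, e.g. `# Minimum password length (replaces SECURITY_PASSWORD_LENGTH_MIN; update local overrides)`, and the rename belongs in the release notes.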


@ -350,6 +350,7 @@ def create_app(app_name=None):
app.config['SECURITY_MSG_USER_DOES_NOT_EXIST'] = \
app.config['SECURITY_MSG_INVALID_PASSWORD'] = \
(gettext("Incorrect username or password."), "error")
app.config['SECURITY_PASSWORD_LENGTH_MIN'] = config.PASSWORD_LENGTH_MIN
# Create database connection object and mailer
db.init_app(app)
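Review bot: The value assigned to `app.config['SECURITY_PASSWORD_LENGTH_MIN']` on the added line is taken from the configuration as-is, so a non-integer or zero/negative override reaches Flask-Security and the setup prompt's `len(p1) < config.PASSWORD_LENGTH_MIN` comparison unchecked. A string would raise TypeError in that prompt, and 0 would switch the length check off entirely. Validate it once at startup, for example `app.config['SECURITY_PASSWORD_LENGTH_MIN'] = max(1, int(config.PASSWORD_LENGTH_MIN))`, or refuse to start with a clear error message. The body of create_app extends beyond this hunk.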


@ -627,7 +627,8 @@ def utils():
login_url=login_url,
username=current_user.username,
auth_source=auth_source,
heartbeat_timeout=config.SERVER_HEARTBEAT_TIMEOUT
heartbeat_timeout=config.SERVER_HEARTBEAT_TIMEOUT,
password_length_min=config.PASSWORD_LENGTH_MIN
),
200, {'Content-Type': MIMETYPE_APP_JS})


@ -69,6 +69,9 @@ define('pgadmin.browser.utils',
/* Server Heartbeat Timeout */
pgAdmin['heartbeat_timeout'] = '{{heartbeat_timeout}}';
/* Minimum password length */
pgAdmin['password_length_min'] = '{{password_length_min}}';
// Define list of nodes on which Query tool option doesn't appears
let unsupported_nodes = pgAdmin.unsupported_nodes = [
'server_group', 'server', 'coll-tablespace', 'tablespace',
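Review bot: `pgAdmin['password_length_min']` is rendered inside quotes, so it is a string at runtime. The check `state.newPassword?.length < minPassLen` in the user-management schema therefore works only through implicit numeric coercion. If the configured value is not numeric, the comparison is against NaN and is always false, which silently disables the client-side length check. Emit a number instead, e.g. `pgAdmin['password_length_min'] = parseInt('{{password_length_min}}', 10);`. The enclosing define() body continues outside the hunk.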


@ -55,13 +55,13 @@ def user_info_server():
email = input(ENTER_EMAIL_ADDRESS)
p1, p2 = pprompt()
while p1 != p2 or len(p1) < 6:
while p1 != p2 or len(p1) < config.PASSWORD_LENGTH_MIN:
if p1 != p2:
print('Passwords do not match. Please try again.')
else:
print(
'Password must be at least 6 characters. '
'Please try again.'
'Password must be at least {} characters. '
'Please try again.'.format(config.PASSWORD_LENGTH_MIN)
)
p1, p2 = pprompt()


@ -133,6 +133,7 @@ class UserManagementCollection extends BaseUISchema {
validate(state, setError) {
let msg = undefined;
let obj = this;
let minPassLen = pgAdmin.password_length_min;
if (obj.isUserNameEnabled(state) && isEmptyString(state.username)) {
msg = gettext('Username cannot be empty');
setError('username', msg);
@ -184,8 +185,8 @@ class UserManagementCollection extends BaseUISchema {
msg = gettext('Password cannot be empty for user %s', state.email);
setError('newPassword', msg);
return true;
} else if (state.newPassword?.length < 6) {
msg = gettext('Password must be at least 6 characters for user %s', state.email);
} else if (state.newPassword?.length < minPassLen) {
msg = gettext('Password must be at least %s characters for user %s', minPassLen, state.email);
setError('newPassword', msg);
return true;
} else {
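Review bot: The length check in `validate` runs only in the browser, and none of the eight files in this commit appears to add the same check to the server-side handler that creates or updates users. Requests that do not go through this form are not covered by it, so the endpoint should compare the submitted password against `config.PASSWORD_LENGTH_MIN` and reject shorter values before hashing. If such a check already exists elsewhere, confirm that it reads the new setting rather than a literal 6. The body of validate begins and ends outside the two hunks shown.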