Docker/portainer
Docker/portainer
1
0
Fork 0
mirror of https://github.com/portainer/portainer.git synced 2025-07-19 13:29:41 +02:00
Code Issues Releases Activity

feat(password) EE-2690 enforce strong password policy (#6751)

Browse source 
* feat(password) EE-2690 enforce strong password policy

* feat(password) EE-2690 disable create user button if password is not valid

* feat(password) EE-2690 show force password change warning only when week password is detected

* feat(password) EE-2690 prevent users leave account page by clicking add access token button

Co-authored-by: Simon Meng <simon.meng@portainer.io>
This commit is contained in:
cong meng 2022-04-14 13:45:54 +12:00 committed by GitHub
parent 9ebc963082
commit 85ad4e334a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
26 changed files with 331 additions and 41 deletions
Download patch file Download diff file Expand all files Collapse all files

5
api/http/handler/users/admin_init.go
View file

@ -9,6 +9,7 @@ import (
"github.com/portainer/libhttp/request"
"github.com/portainer/libhttp/response"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/internal/passwordutils"
)
type adminInitPayload struct {
@ -57,6 +58,10 @@ func (handler *Handler) adminInit(w http.ResponseWriter, r *http.Request) *httpe
return &httperror.HandlerError{http.StatusConflict, "Unable to create administrator user", errAdminAlreadyInitialized}
}
if !passwordutils.StrengthCheck(payload.Password) {
return &httperror.HandlerError{http.StatusBadRequest, "Password does not meet the requirements", nil}
}
user := &portainer.User{
Username: payload.Username,
Role: portainer.AdministratorRole,