feat(internal-auth): ability to set minimum password length [EE-3175] (#6942)

* feat(internal-auth): ability to set minimum password length [EE-3175] * pass props to react component * fixes + WIP slider * fix slider updating + add styles * remove nested ternary * fix slider updating + add remind me later button * add length to settings + value & onchange method * finish my account view * fix slider updating * slider styles * update style * move slider in * update size of slider * allow admin to browse to authentication view * use feather icons instead of font awesome * feat(settings): add colors to password rules * clean up tooltip styles * more style changes * styles * fixes + use requiredLength in password field for icon logic * simplify logic * simplify slider logic and remove debug code * use required length for logic to display pwd length warning * fix slider styles * use requiredPasswordLength to determine if password is valid * style tooltip based on theme * reset skips when password is changed * misc cleanup * reset skips when required length is changed * fix formatting * fix issues * implement some suggestions * simplify logic * update broken test * pick min password length from DB * fix suggestions * set up min password length in the DB * fix test after migration * fix formatting issue * fix bug with icon * refactored migration * fix typo * fixes * fix logic * set skips per user * reset skips for all users on length change Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com> Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
2025-07-22 23:09:41 +02:00 · 2022-06-03 16:00:13 +12:00 · 2022-06-03 16:00:13 +12:00 · bca1c6b9cf
commit bca1c6b9cf
parent 4195d93a16
52 changed files with 2486 additions and 2065 deletions
--- a/api/http/handler/users/handler.go
+++ b/api/http/handler/users/handler.go
@ -31,20 +31,22 @@ func hideFields(user *portainer.User) {
 // Handler is the HTTP handler used to handle user operations.
 type Handler struct {
 	*mux.Router
-	bouncer       *security.RequestBouncer
-	apiKeyService apikey.APIKeyService
-	demoService   *demo.Service
-	DataStore     dataservices.DataStore
-	CryptoService portainer.CryptoService
+	bouncer                 *security.RequestBouncer
+	apiKeyService           apikey.APIKeyService
+	demoService             *demo.Service
+	DataStore               dataservices.DataStore
+	CryptoService           portainer.CryptoService
+	passwordStrengthChecker security.PasswordStrengthChecker
 }

 // NewHandler creates a handler to manage user operations.
-func NewHandler(bouncer *security.RequestBouncer, rateLimiter *security.RateLimiter, apiKeyService apikey.APIKeyService, demoService *demo.Service) *Handler {
+func NewHandler(bouncer *security.RequestBouncer, rateLimiter *security.RateLimiter, apiKeyService apikey.APIKeyService, demoService *demo.Service, passwordStrengthChecker security.PasswordStrengthChecker) *Handler {
 	h := &Handler{
-		Router:        mux.NewRouter(),
-		bouncer:       bouncer,
-		apiKeyService: apiKeyService,
-		demoService:   demoService,
+		Router:                  mux.NewRouter(),
+		bouncer:                 bouncer,
+		apiKeyService:           apiKeyService,
+		demoService:             demoService,
+		passwordStrengthChecker: passwordStrengthChecker,
 	}
 	h.Handle("/users",
 		bouncer.AdminAccess(httperror.LoggerHandler(h.userCreate))).Methods(http.MethodPost)