feat(internal-auth): ability to set minimum password length [EE-3175] (#6942)

* feat(internal-auth): ability to set minimum password length [EE-3175] * pass props to react component * fixes + WIP slider * fix slider updating + add styles * remove nested ternary * fix slider updating + add remind me later button * add length to settings + value & onchange method * finish my account view * fix slider updating * slider styles * update style * move slider in * update size of slider * allow admin to browse to authentication view * use feather icons instead of font awesome * feat(settings): add colors to password rules * clean up tooltip styles * more style changes * styles * fixes + use requiredLength in password field for icon logic * simplify logic * simplify slider logic and remove debug code * use required length for logic to display pwd length warning * fix slider styles * use requiredPasswordLength to determine if password is valid * style tooltip based on theme * reset skips when password is changed * misc cleanup * reset skips when required length is changed * fix formatting * fix issues * implement some suggestions * simplify logic * update broken test * pick min password length from DB * fix suggestions * set up min password length in the DB * fix test after migration * fix formatting issue * fix bug with icon * refactored migration * fix typo * fixes * fix logic * set skips per user * reset skips for all users on length change Co-authored-by: Chaim Lev-Ari <chiptus@gmail.com> Co-authored-by: Dmitry Salakhov <to@dimasalakhov.com>
2025-07-19 13:29:41 +02:00 · 2022-06-03 16:00:13 +12:00 · 2022-06-03 16:00:13 +12:00 · bca1c6b9cf
commit bca1c6b9cf
parent 4195d93a16
52 changed files with 2486 additions and 2065 deletions
--- a/api/http/security/passwordStrengthCheck_test.go
+++ b/api/http/security/passwordStrengthCheck_test.go
@ -0,0 +1,49 @@
+package security
+
+import (
+	"testing"
+
+	portainer "github.com/portainer/portainer/api"
+)
+
+func TestStrengthCheck(t *testing.T) {
+	checker := NewPasswordStrengthChecker(settingsStub{minLength: 12})
+
+	type args struct {
+		password string
+	}
+	tests := []struct {
+		name       string
+		args       args
+		wantStrong bool
+	}{
+		{"Empty password", args{""}, false},
+		{"Short password", args{"portainer"}, false},
+		{"Short password", args{"portaienr!@#"}, true},
+		{"Week password", args{"12345678!@#"}, false},
+		{"Week password", args{"portaienr123"}, true},
+		{"Good password", args{"Portainer123"}, true},
+		{"Good password", args{"Portainer___"}, true},
+		{"Good password", args{"^portainer12"}, true},
+		{"Good password", args{"12%PORTAINER"}, true},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if gotStrong := checker.Check(tt.args.password); gotStrong != tt.wantStrong {
+				t.Errorf("StrengthCheck() = %v, want %v", gotStrong, tt.wantStrong)
+			}
+		})
+	}
+}
+
+type settingsStub struct {
+	minLength int
+}
+
+func (s settingsStub) Settings() (*portainer.Settings, error) {
+	return &portainer.Settings{
+		InternalAuthSettings: portainer.InternalAuthSettings{
+			RequiredPasswordLength: s.minLength,
+		},
+	}, nil
+}