authorFrédéric Buclin <LpSolit@gmail.com>2010-10-14 02:39:28 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2010-10-14 02:39:28 +0200
commit73ea75885de78077c9528428617fa8403935d7a5 (patch)
treece66faf4a7420814c392eea1837a56e33f88c144
parent3e06a51f060f168034ada88e40d9b60d51f8a244 (diff)
downloadbugzilla-73ea75885de78077c9528428617fa8403935d7a5.tar.gz
bugzilla-73ea75885de78077c9528428617fa8403935d7a5.tar.xz
Bug 575947: Users with passwords length less than 6 characters can't login after migration from 3.4.x or older to 3.6 or newer
r/a=mkanat
-rw-r--r--Bugzilla/Auth.pm7
-rw-r--r--Bugzilla/Auth/Verify/DB.pm6
-rw-r--r--Bugzilla/WebService/Constants.pm1
-rw-r--r--Bugzilla/WebService/User.pm5
-rw-r--r--template/en/default/account/email/confirm-new.html.tmpl9
-rw-r--r--template/en/default/account/password/set-forgotten-password.html.tmpl1
-rw-r--r--template/en/default/global/user-error.html.tmpl8
7 files changed, 33 insertions, 4 deletions
diff --git a/Bugzilla/Auth.pm b/Bugzilla/Auth.pm
index b1da319a4..f289a4ba1 100644
--- a/Bugzilla/Auth.pm
+++ b/Bugzilla/Auth.pm
@@ -151,7 +151,12 @@ sub _handle_login_result {
}
}
elsif ($fail_code == AUTH_ERROR) {
- ThrowCodeError($result->{error}, $result->{details});
+ if ($result->{user_error}) {
+ ThrowUserError($result->{error}, $result->{details});
+ }
+ else {
+ ThrowCodeError($result->{error}, $result->{details});
+ }
}
elsif ($fail_code == AUTH_NODATA) {
$self->{_info_getter}->fail_nodata($self)
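Review bot: The new `user_error` key read in the AUTH_ERROR branch is an undocumented part of the result hash that verify modules return, so nothing tells a later author when to set it. A short comment above the `if` would record the contract, for example `# Verifiers set user_error when the failure is something the user can fix; everything else is reported as an internal (code) error.` _handle_login_result begins and ends outside this hunk, so other readers of the result hash could not be checked.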
diff --git a/Bugzilla/Auth/Verify/DB.pm b/Bugzilla/Auth/Verify/DB.pm
index d8794472e..c562d1353 100644
--- a/Bugzilla/Auth/Verify/DB.pm
+++ b/Bugzilla/Auth/Verify/DB.pm
@@ -74,6 +74,12 @@ sub check_credentials {
};
}
+ # Force the user to type a longer password if it's too short.
+ if (length($password) < USER_PASSWORD_MIN_LENGTH) {
+ return { failure => AUTH_ERROR, error => 'password_current_too_short',
+ user_error => 1, details => { locked_user => $user } };
+ }
+
# The user's credentials are okay, so delete any outstanding
# password tokens or login failures they may have generated.
Bugzilla::Token::DeletePasswordTokens($user->id, "user_logged_in");
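Review bot: The added early return runs only after the password has been verified, so a `password_current_too_short` response confirms that the submitted password is the account's real one, and the account is known to have a short password. That ordering looks deliberate, but the comment does not say so; I would extend it to `# Must stay after the password check: this error confirms the password is correct, so return it only for verified credentials.` Because the return skips the cleanup below, confirm that wrong guesses made before it still count toward the lockout. That code is outside the hunk, as are the start and end of check_credentials. `length($password)` counts characters only if the string is already decoded, which presumably matches how the minimum is enforced when a password is set.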
diff --git a/Bugzilla/WebService/Constants.pm b/Bugzilla/WebService/Constants.pm
index f77c54c85..788f8bcc4 100644
--- a/Bugzilla/WebService/Constants.pm
+++ b/Bugzilla/WebService/Constants.pm
@@ -103,6 +103,7 @@ use constant WS_ERROR_CODE => {
auth_invalid_email => 302,
extern_id_conflict => -303,
auth_failure => 304,
+ password_current_too_short => 305,
# Except, historically, AUTH_NODATA, which is 410.
login_required => 410,
diff --git a/Bugzilla/WebService/User.pm b/Bugzilla/WebService/User.pm
index e13921ea6..1471da8aa 100644
--- a/Bugzilla/WebService/User.pm
+++ b/Bugzilla/WebService/User.pm
@@ -331,6 +331,11 @@ The username does not exist, or the password is wrong.
The account has been disabled. A reason may be specified with the
error.
+=item 305 (New Password Required)
+
+The current password is correct, but the user is asked to change
+his password.
+
=item 50 (Param Required)
A login or password parameter was not provided.
diff --git a/template/en/default/account/email/confirm-new.html.tmpl b/template/en/default/account/email/confirm-new.html.tmpl
index ed0ff3405..36bd52d09 100644
--- a/template/en/default/account/email/confirm-new.html.tmpl
+++ b/template/en/default/account/email/confirm-new.html.tmpl
@@ -24,11 +24,11 @@
title = title
onload = "document.forms['confirm_account_form'].realname.focus();" %]
-<div>
+<p>
To create your account, you must enter a password in the form below.
Your email address and Real Name (if provided) will be shown with
changes you make.
-</div>
+</p>
<form id="confirm_account_form" method="post" action="token.cgi">
<input type="hidden" name="t" value="[% token FILTER html %]">
@@ -44,7 +44,10 @@
</tr>
<tr>
<th align="right"><label for="passwd1">Type your password</label>:</th>
- <td><input type="password" id="passwd1" name="passwd1" value=""></td>
+ <td>
+ <input type="password" id="passwd1" name="passwd1" value="">
+ (minimum [% constants.USER_PASSWORD_MIN_LENGTH FILTER none %] characters)
+ </td>
</tr>
<tr>
<th align="right"><label for="passwd2">Confirm your password</label>:</th>
diff --git a/template/en/default/account/password/set-forgotten-password.html.tmpl b/template/en/default/account/password/set-forgotten-password.html.tmpl
index ca134a486..a2ae517c8 100644
--- a/template/en/default/account/password/set-forgotten-password.html.tmpl
+++ b/template/en/default/account/password/set-forgotten-password.html.tmpl
@@ -33,6 +33,7 @@
<th align="right">New Password:</th>
<td>
<input type="password" name="password">
+ (minimum [% constants.USER_PASSWORD_MIN_LENGTH FILTER none %] characters)
</td>
</tr>
diff --git a/template/en/default/global/user-error.html.tmpl b/template/en/default/global/user-error.html.tmpl
index 5dd0c6a0a..4e3ffae50 100644
--- a/template/en/default/global/user-error.html.tmpl
+++ b/template/en/default/global/user-error.html.tmpl
@@ -1301,6 +1301,14 @@
[% title = "Passwords Don't Match" %]
The two passwords you entered did not match.
+ [% ELSIF error == "password_current_too_short" %]
+ [% title = "New Password Required" %]
+ Your password is currently less than
+ [%+ constants.USER_PASSWORD_MIN_LENGTH FILTER html %] characters long,
+ which is the new minimum length required for passwords.
+ You must <a href="token.cgi?a=reqpw&loginname=[% locked_user.email FILTER html %]">
+ request a new password</a> in order to log in again.
+
[% ELSIF error == "password_too_short" %]
[% title = "Password Too Short" %]
The password must be at least
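Review bot: The `loginname` value in the added link is HTML-escaped but not URL-encoded, so an address containing `+`, `&` or `%` reaches token.cgi altered (a `+` is decoded as a space). The reset request then names the wrong account or none. Encode the value for the query string and write the separator as an entity: `<a href="token.cgi?a=reqpw&amp;loginname=[% locked_user.email FILTER url_quote %]">`. The link also triggers a password-reset mail from a plain GET; whether token.cgi asks for any confirmation on `reqpw` is not visible on this page. The ELSIF chain this branch belongs to continues outside the hunk.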