diff options
| author | Dylan William Hardison <dylan@hardison.net> | 2017-09-15 20:30:40 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-09-15 20:30:40 +0200 |
| commit | e9adcde4648b54db8d40f314ca938dca5080bb9c (patch) | |
| tree | bd826aa5f5857e063d575fec1ec16068712edd4a /Bugzilla.pm | |
| parent | 06c57b6e475767923f8294cf93fd746d45f3dc6f (diff) | |
| download | bugzilla-e9adcde4648b54db8d40f314ca938dca5080bb9c.tar.gz bugzilla-e9adcde4648b54db8d40f314ca938dca5080bb9c.tar.xz | |
Bug 1391702 - Replace Bugzilla::User::validate_password() with calls to Data::Password::passwdqc
Diffstat (limited to 'Bugzilla.pm')
| -rw-r--r-- | Bugzilla.pm | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/Bugzilla.pm b/Bugzilla.pm index 65508cb6f..0ffd63e04 100644 --- a/Bugzilla.pm +++ b/Bugzilla.pm @@ -322,6 +322,41 @@ sub github_secret { return $cache->{github_secret}; } +sub passwdqc { + my ($class) = @_; + require Data::Password::passwdqc; + + my $cache = $class->request_cache; + my $params = $class->params; + + return $cache->{passwdqc} if $cache->{passwdqc}; + + my @min = map { $_ eq 'undef' ? undef : $_ } + split( /\s*,\s*/, $params->{passwdqc_min} ); + + return $cache->{passwdqc} = Data::Password::passwdqc->new( + min => \@min, + max => $params->{passwdqc_max}, + passphrase_words => $params->{passwdqc_passphrase_words}, + match_length => $params->{passwdqc_match_length}, + random_bits => $params->{passwdqc_random_bits}, + ); +} + +sub assert_password_is_secure { + my ( $class, $password1 ) = @_; + + my $pwqc = $class->passwdqc; + ThrowUserError( 'password_insecure', { reason => $pwqc->reason } ) + unless $pwqc->validate_password($password1); +} + +sub assert_passwords_match { + my ( $class, $password1, $password2 ) = @_; + + ThrowUserError('password_mismatch') if $password1 ne $password2; +} + sub login { my ($class, $type) = @_; |