author | Simon Green <sgreen@redhat.com> | 2014-09-11 01:45:23 +0200 |
---|---|---|
committer | Simon Green <sgreen@redhat.com> | 2014-09-11 01:45:23 +0200 |
commit | b8ecdca238744552db04acb5450ce078d9760a4c (patch) | |
tree | 42cd3a41e06fd229d6deeae6b247df724272dd3c /Bugzilla/Auth | |
parent | ab1b842ba2e2f9ad3774c6c415129a4e196acc57 (diff) | |
Bug 1009013 - Require a user to change their password if they log in and their current password does not meet the password complexity rules
r=glob, a=sgreen
Diffstat (limited to 'Bugzilla/Auth')
-rw-r--r-- | Bugzilla/Auth/Verify/DB.pm | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/Bugzilla/Auth/Verify/DB.pm b/Bugzilla/Auth/Verify/DB.pm
index ad7f15d24..28a9310c9 100644
--- a/Bugzilla/Auth/Verify/DB.pm
+++ b/Bugzilla/Auth/Verify/DB.pm
@@ -56,10 +56,19 @@ sub check_credentials {
 };
 }

- # Force the user to type a longer password if it's too short.
- if (length($password) < USER_PASSWORD_MIN_LENGTH) {
- return { failure => AUTH_ERROR, user_error => 'password_current_too_short',
- details => { locked_user => $user } };
+ # Force the user to change their password if it does not meet the current
+ # criteria. This should usually only happen if the criteria has changed.
+ if (Bugzilla->usage_mode == USAGE_MODE_BROWSER &&
+ Bugzilla->params->{password_check_on_login})
+ {
+ my $check = validate_password_check($password);
+ if ($check) {
+ return {
+ failure => AUTH_ERROR,
+ user_error => $check,
+ details => { locked_user => $user }
+ }
+ }
 }

 # The user's credentials are okay, so delete any outstanding |
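Review bot: The new `if (Bugzilla->usage_mode == USAGE_MODE_BROWSER && Bugzilla->params->{password_check_on_login})` guard replaces a length check that ran on every login, so a password shorter than `USER_PASSWORD_MIN_LENGTH` is now accepted in any non-browser usage mode and whenever the parameter is off. If that is intended (presumably because a non-browser client cannot be walked through a password change), the comment should say so, e.g. `# Browser logins only: other usage modes still accept a non-compliant password until the user next logs in through the UI.`; otherwise keep the minimum-length rejection outside the guard. The `return { ... }` inside `if ($check)` also lacks a terminating `;`, which Perl accepts for the last statement of a block but which is inconsistent with the removed code. `check_credentials` starts and ends outside this hunk, and the import of `validate_password_check` is not visible here.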