From 8750adad7bf8f50b5a356cb0994339db87ac8b51 Mon Sep 17 00:00:00 2001
From: Yadd
Date: Sun, 24 Mar 2024 08:17:28 +0400
Subject: [PATCH] Reorganize code
---
 .../lib/Lemonldap/NG/Portal/Lib/Password.pm | 56 +++++++++++++++++++
 .../NG/Portal/Plugins/MailPasswordReset.pm | 36 +-----------
 .../NG/Portal/Plugins/_PasswordReset.pm | 16 ++----
 3 files changed, 62 insertions(+), 46 deletions(-)
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Password.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Password.pm
index c61267f020..9a5f81160f 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Password.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Password.pm
@@ -2,6 +2,9 @@ package Lemonldap::NG::Portal::Lib::Password;
 use strict;
 use Mouse::Role;
+use Lemonldap::NG::Portal::Main::Constants qw(
+ PE_OK
+);
 our $VERSION = '2.19.0';
@@ -12,6 +15,16 @@ has random => (
 }
 );
+# Password policy activation rule
+has passwordPolicyActivationRule => (
+ is => 'ro',
+ lazy => 1,
+ default => sub {
+ $_[0]->p->buildRule( $_[0]->conf->{passwordPolicyActivation} // 0,
+ 'passwordPolicyActivation' );
+ }
+);
+
 # Generate a complex password based on a regular expression
 # @param regexp regular expression
 sub gen_password {
@@ -19,4 +32,47 @@ sub gen_password {
 return $self->random->randregex($regexp);
 }
+sub newPassword {
+ my ( $self, $req, $sessionInfo ) = @_;
+
+ # Generate a complex password
+ my $pwdRegEx;
+ if ( $self->passwordPolicyActivationRule->( $req, $sessionInfo )
+ && !$self->conf->{randomPasswordRegexp} )
+ {
+ my $uppers = $self->conf->{passwordPolicyMinUpper} || 3;
+ my $lowers = $self->conf->{passwordPolicyMinLower} || 5;
+ my $digits = $self->conf->{passwordPolicyMinDigit} || 2;
+ my $chars =
+ $self->conf->{passwordPolicyMinSize} -
+ $self->conf->{passwordPolicyMinUpper} -
+ $self->conf->{passwordPolicyMinLower} -
+ $self->conf->{passwordPolicyMinDigit};
+ $chars = 1 if $chars < 1;
+ $pwdRegEx = "[A-Z]{$uppers}[a-z]{$lowers}\\d{$digits}";
+ $pwdRegEx .=
+ $self->conf->{passwordPolicySpecialChar} eq '__ALL__'
+ ? '\W{$chars}'
+ : "[$self->{conf}->{passwordPolicySpecialChar}]{$chars}";
+ $self->logger->debug("Generated password RegEx: $pwdRegEx");
+ }
+ else {
+ $pwdRegEx =
+ $self->conf->{randomPasswordRegexp} || '[A-Z]{3}[a-z]{5}.\d{2}';
+ $self->logger->debug("Used password RegEx: $pwdRegEx");
+ }
+ return $self->gen_password($pwdRegEx);
+}
+
+sub checkPasswordQuality {
+ my ( $self, $req, $pwd ) = @_;
+ require Lemonldap::NG::Portal::Plugins::BasePasswordPolicy;
+ return PE_OK
+ unless $self->passwordPolicyActivationRule->( $req, $req->sessionInfo );
+ return
+ $self
+ ->Lemonldap::NG::Portal::Plugins::BasePasswordPolicy::checkBasicPolicy(
+ $pwd);
+}
+
 1;
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm
index c59438fbf3..5cdf183505 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/MailPasswordReset.pm
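Review bot: In `newPassword`, the `__ALL__` branch builds its part of the pattern in single quotes, `? '\W{$chars}'`, so `$chars` is never interpolated and the string passed to `gen_password` contains the literal text `{$chars}` instead of a repeat count. The sibling branch on the next line uses double quotes and does interpolate. The code was moved unchanged from `changePwd`, so the move is a good moment to fix it with `? "\\W{$chars}"`. How `randregex` reacts to the malformed quantifier is not visible in this patch, but with `passwordPolicySpecialChar` set to `__ALL__` the generated password cannot be relied on to reach `passwordPolicyMinSize`.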
@@ -387,33 +387,7 @@ sub changePwd {
 $self->logger->debug(
 "Reset password request for $req->{sessionInfo}->{_user}");
- # Generate a complex password
- my $pwdRegEx;
- if ( $self->passwordPolicyActivationRule->( $req, $req->sessionInfo )
- && !$self->conf->{randomPasswordRegexp} )
- {
- my $uppers = $self->conf->{passwordPolicyMinUpper} || 3;
- my $lowers = $self->conf->{passwordPolicyMinLower} || 5;
- my $digits = $self->conf->{passwordPolicyMinDigit} || 2;
- my $chars =
- $self->conf->{passwordPolicyMinSize} -
- $self->conf->{passwordPolicyMinUpper} -
- $self->conf->{passwordPolicyMinLower} -
- $self->conf->{passwordPolicyMinDigit};
- $chars = 1 if $chars < 1;
- $pwdRegEx = "[A-Z]{$uppers}[a-z]{$lowers}\\d{$digits}";
- $pwdRegEx .=
- $self->conf->{passwordPolicySpecialChar} eq '__ALL__'
- ? '\W{$chars}'
- : "[$self->{conf}->{passwordPolicySpecialChar}]{$chars}";
- $self->logger->debug("Generated password RegEx: $pwdRegEx");
- }
- else {
- $pwdRegEx =
- $self->conf->{randomPasswordRegexp} || '[A-Z]{3}[a-z]{5}.\d{2}';
- $self->logger->debug("Used password RegEx: $pwdRegEx");
- }
- my $password = $self->gen_password($pwdRegEx);
+ my $password = $self->newPassword($req, $req->sessionInfo);
 $self->logger->debug("Generated password: $password");
 $req->data->{newpassword} = $password;
 $req->data->{confirmpassword} = $password;
@@ -438,13 +412,7 @@ sub changePwd {
 }
 # Check password quality if enabled
- require Lemonldap::NG::Portal::Plugins::BasePasswordPolicy;
- my $cpq =
- $self->passwordPolicyActivationRule->( $req, $req->sessionInfo )
- ? $self
- ->Lemonldap::NG::Portal::Plugins::BasePasswordPolicy::checkBasicPolicy(
- $req->data->{newpassword} )
- : PE_OK;
+ my $cpq = $self->checkPasswordQuality($req, $req->data->{newpassword});
 unless ( $cpq == PE_OK ) {
 $self->ott->setToken( $req, $req->sessionInfo );
 return $cpq;
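Review bot: The context line right after the new `newPassword` call in the first hunk, `$self->logger->debug("Generated password: $password");`, still writes the freshly generated credential in clear to the debug log. Whoever can read the portal logs, or a collector they are shipped to, sees the password about to be set on the account named two lines earlier in the "Reset password request for …" message. Since the commit already rewrites the line above, replace it with a message that carries no secret, e.g. `$self->logger->debug("New password generated for $req->{sessionInfo}->{_user}");`. `changePwd` starts and ends outside both hunks, so other uses of `$password` in logging cannot be checked from here.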
diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/_PasswordReset.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/_PasswordReset.pm
index d4a68fbf08..7bb32e7d8b 100644
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/_PasswordReset.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/_PasswordReset.pm
@@ -12,10 +12,10 @@ use Lemonldap::NG::Portal::Main::Constants qw(
 our $VERSION = '2.19.0';
 extends 'Lemonldap::NG::Portal::Main::Plugin';
-with 'Lemonldap::NG::Portal::Lib::_tokenRule';
-
-# Password policy activation rule
-has passwordPolicyActivationRule => ( is => 'rw', default => sub { 0 } );
+with qw(
+ Lemonldap::NG::Portal::Lib::_tokenRule
+ Lemonldap::NG::Portal::Lib::Password
+);
 # Mail timeout token generator
 # Form timout token generator (used even if requireToken is not set)
@@ -50,14 +50,6 @@ sub init {
 $self->captcha(1);
 }
- # Parse password policy activation rule
- $self->passwordPolicyActivationRule(
- $self->p->buildRule(
- $self->conf->{passwordPolicyActivation},
- 'passwordPolicyActivation'
- )
- );
-
 return $self->passwordPolicyActivationRule ? 1 : 0;
 }
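Review bot: With the explicit `buildRule` call removed in the second hunk, the remaining `return $self->passwordPolicyActivationRule ? 1 : 0;` in `init` is now the only thing that forces the lazy attribute from `Lib::Password` to be built at load time, and nothing on the line says so. Add a comment above it such as `# Reading the lazy rule here compiles passwordPolicyActivation during init, so a bad rule disables the plugin instead of failing on the first reset`; without it the test looks redundant and may be dropped later. This assumes `buildRule` returns a false value when the rule does not compile, which is not visible in this patch. Other consumers of the role get no such early check, and `newPassword` and `checkPasswordQuality` call the rule as a code reference without testing that it is defined. `init` begins outside the hunk.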