Skip to content

Commit

Permalink
feat: Reduce password strength verification when using on the intranet (
Browse files Browse the repository at this point in the history
  • Loading branch information
jeessy2 authored Jan 10, 2024
1 parent 76c0bec commit 8b508c6
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 13 deletions.
5 changes: 0 additions & 5 deletions web/password.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,6 @@ const (
digitsChars = `0123456789`
)

// validate 检查密码强度是否大于最低要求(50)。如果不是则返回错误并说明如何加强密码。向客户端显示此错误是安全的。
func validate(password string) error {
return validatePassword(password, 50)
}

// validatePassword 在密码大于或等于 minEntropy 时返回 nil。如果不是则返回错误。
// 这解释了如何加强密码。向客户端显示此错误是安全的。
//
Expand Down
20 changes: 12 additions & 8 deletions web/save.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,14 +50,6 @@ func checkAndSave(request *http.Request) string {

}

// 如果密码不为空则检查是否够强
if passwordNew != "" {
err = validate(passwordNew)
if err != nil {
return err.Error()
}
}

conf.NotAllowWanAccess = request.FormValue("NotAllowWanAccess") == "on"
conf.Username = usernameNew
conf.Password = passwordNew
Expand All @@ -70,6 +62,18 @@ func checkAndSave(request *http.Request) string {
return "启用外网访问, 必须输入登录用户名/密码"
}

// 如果密码不为空则检查是否够强, 内/外网要求强度不同
if passwordNew != "" {
var minEntropyBits float64 = 50
if conf.NotAllowWanAccess {
minEntropyBits = 25
}
err = validatePassword(passwordNew, minEntropyBits)
if err != nil {
return err.Error()
}
}

dnsConfFromJS := []dnsConf4JS{}
err = json.Unmarshal([]byte(request.FormValue("DnsConf")), &dnsConfFromJS)
if err != nil {
Expand Down

0 comments on commit 8b508c6

Please sign in to comment.