oldkid/friendica
1
0
Fork 0
mirror of https://git.sekbaer.de/Friendica/friendica.git synced 2025-06-07 15:54:26 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add password length limit if using the Blowfish hashing algorithm

Browse source 
- Add new page to reset a password that would be too long
- Add support for pattern parameter in field_password
This commit is contained in:
Hypolite Petovan 2022-08-01 11:42:10 -04:00
parent 067f06b166
commit 49394aedeb
8 changed files with 169 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/Security/Authentication.php
View file

@ -291,8 +291,14 @@ class Authentication
$this->dba->update('user', ['openid' => $openid_identity, 'openidserver' => $openid_server], ['uid' => $record['uid']]);
}
$this->setForUser($a, $record, true, true);
/**
* @see User::getPasswordRegExp()
*/
if (PASSWORD_DEFAULT === PASSWORD_BCRYPT && strlen($password) > 72) {
$return_path = '/security/password_too_long?' . http_build_query(['return_path' => $return_path]);
}
$this->setForUser($a, $record, true, true);
$this->baseUrl->redirect($return_path);
}