fix(pwd) EE-3161 ease the minimum password restrictions to 12 characters (#6921)

* fix(pwd): EE-3161 ease the minimum password restrictions to 12 characters
2022-05-12 13:17:01 +12:00 · 2022-05-12 13:17:01 +12:00 · 16f8b737f1
parent d9d1d6bfaa
commit 16f8b737f1
5 changed files with 7 additions and 65 deletions
--- a/api/internal/passwordutils/strengthCheck.go
+++ b/api/internal/passwordutils/strengthCheck.go
@ -1,33 +1,11 @@
 package passwordutils

-import (
-	"regexp"
-)
-
 const MinPasswordLen = 12

 func lengthCheck(password string) bool {
 	return len(password) >= MinPasswordLen
 }

-func comboCheck(password string) bool {
-	count := 0
-	regexps := [4]*regexp.Regexp{
-		regexp.MustCompile(`[a-z]`),
-		regexp.MustCompile(`[A-Z]`),
-		regexp.MustCompile(`[0-9]`),
-		regexp.MustCompile(`[\W_]`),
-	}
-
-	for _, re := range regexps {
-		if re.FindString(password) != "" {
-			count += 1
-		}
-	}
-
-	return count >= 3
-}
-
 func StrengthCheck(password string) bool {
-	return lengthCheck(password) && comboCheck(password)
+	return lengthCheck(password)
 }
--- a/api/internal/passwordutils/strengthCheck_test.go
+++ b/api/internal/passwordutils/strengthCheck_test.go
@ -13,9 +13,9 @@ func TestStrengthCheck(t *testing.T) {
 	}{
 		{"Empty password", args{""}, false},
 		{"Short password", args{"portainer"}, false},
-		{"Short password", args{"portaienr!@#"}, false},
+		{"Short password", args{"portaienr!@#"}, true},
 		{"Week password", args{"12345678!@#"}, false},
-		{"Week password", args{"portaienr123"}, false},
+		{"Week password", args{"portaienr123"}, true},
 		{"Good password", args{"Portainer123"}, true},
 		{"Good password", args{"Portainer___"}, true},
 		{"Good password", args{"^portainer12"}, true},
--- a/app/portainer/components/PasswordCheckHint.tsx
+++ b/app/portainer/components/PasswordCheckHint.tsx
@ -2,17 +2,6 @@ import { react2angular } from '@/react-tools/react2angular';

 import { MinPasswordLen } from '../helpers/password';

-function PasswordCombination() {
-  return (
-    <ul className="text-muted">
-      <li className="ml-8"> Special characters </li>
-      <li className="ml-8"> Lower case characters </li>
-      <li className="ml-8"> Upper case characters </li>
-      <li className="ml-8"> Numeric characters </li>
-    </ul>
-  );
-}
-
 export function ForcePasswordUpdateHint() {
  return (
    <div>
@ -25,11 +14,8 @@ export function ForcePasswordUpdateHint() {
      </p>

      <p className="text-muted">
-        The password must be at least {MinPasswordLen} characters long,
-        including a combination of one character of three of the below:
+        The password must be at least {MinPasswordLen} characters long.
      </p>
-
-      <PasswordCombination />
    </div>
  );
 }
@ -42,12 +28,9 @@ export function PasswordCheckHint() {
          {' '}
        </i>
        <span>
-          The password must be at least {MinPasswordLen} characters long,
-          including a combination of one character of three of the below:
+          The password must be at least {MinPasswordLen} characters long.
        </span>
      </p>
-
-      <PasswordCombination />
    </div>
  );
 }
--- a/app/portainer/helpers/password.ts
+++ b/app/portainer/helpers/password.ts
@ -4,19 +4,6 @@ function lengthCheck(password: string) {
  return password.length >= MinPasswordLen;
 }

-function comboCheck(password: string) {
-  let count = 0;
-  const regexps = [/[a-z]/, /[A-Z]/, /[0-9]/, /[\W_]/];
-
-  regexps.forEach((re) => {
-    if (password.match(re) != null) {
-      count += 1;
-    }
-  });
-
-  return count >= 3;
-}
-
 export function StrengthCheck(password: string) {
-  return lengthCheck(password) && comboCheck(password);
+  return lengthCheck(password);
 }
--- a/app/portainer/views/init/admin/initAdmin.html
+++ b/app/portainer/views/init/admin/initAdmin.html
@ -68,14 +68,8 @@
                <!-- it is a workaround for firefox that does not render component <force-password-update-hint>  -->
                <p>
                  <i class="fa fa-times red-icon space-right" aria-hidden="true"></i>
-                  <span>The password must be at least {{ MinPasswordLen }} characters long, including a combination of one character of three of the below:</span>
+                  <span>The password must be at least {{ MinPasswordLen }} characters long.</span>
                </p>
-                <ul>
-                  <li class="ml-8"> Special characters </li>
-                  <li class="ml-8"> Lower case characters </li>
-                  <li class="ml-8"> Upper case characters </li>
-                  <li class="ml-8"> Numeric characters </li>
-                </ul>
              </div>
            </div>
            <!-- !note -->