bb7de8df3e
This PR adds the initial work to implement a password policy as defined in #1538. Specifically, this implements the following:

* Rate limiting for the login handler
* Implementing the ability for system admins to require a user to reset their password
* Implementing a password policy that requires passwords to be a minimum of 8 characters
* Removes the default password (gophish) for admin users to instead have the password randomly generated when Gophish first starts up
* Adds a password strength meter when choosing a new password

Fixes #1538
package auth
import (
"testing"
)
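// TestPasswordPolicy verifies that CheckPasswordPolicy rejects candidates that
// are too short with ErrPasswordTooShort and accepts candidates that meet the
// minimum length.
//
// The policy described for this change is a minimum of 8 characters, so the
// table includes a 7-character and an 8-character candidate in addition to the
// clearly-short and clearly-long ones. Without the boundary pair, an
// off-by-one in the length comparison would go unnoticed.
func TestPasswordPolicy(t *testing.T) {
	cases := []struct {
		name      string
		candidate string
		want      error
	}{
		{name: "well below minimum", candidate: "short", want: ErrPasswordTooShort},
		// NOTE(review): assumes 8 ASCII characters satisfy the documented
		// minimum; confirm against the policy's length constant.
		{name: "one below minimum", candidate: "1234567", want: ErrPasswordTooShort},
		{name: "exactly minimum", candidate: "12345678", want: nil},
		{name: "above minimum", candidate: "valid password", want: nil},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			got := CheckPasswordPolicy(tc.candidate)
			if got != tc.want {
				t.Errorf("unexpected error received. expected %v got %v", tc.want, got)
			}
		})
	}
}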
// TestValidatePasswordChange exercises two rejection paths of
// ValidatePasswordChange against a hash generated from a known current
// password:
//
//   - a confirmation that differs from the new password must yield
//     ErrPasswordMismatch;
//   - a new password equal to the current one must yield ErrReusedPassword.
//
// The first return value of ValidatePasswordChange is not inspected here.
func TestValidatePasswordChange(t *testing.T) {
	const existing = "current password"

	existingHash, err := GeneratePasswordHash(existing)
	if err != nil {
		t.Fatalf("unexpected error generating password hash: %v", err)
	}

	// Order matters only for which failure is reported first; each attempt is
	// checked against the same stored hash.
	attempts := []struct {
		password     string
		confirmation string
		want         error
	}{
		{password: "valid password", confirmation: "invalid", want: ErrPasswordMismatch},
		{password: existing, confirmation: existing, want: ErrReusedPassword},
	}

	for _, a := range attempts {
		if _, got := ValidatePasswordChange(existingHash, a.password, a.confirmation); got != a.want {
			t.Fatalf("unexpected error received. expected %v got %v", a.want, got)
		}
	}
}