Comunic/comunicmobile
1
0
Fork 0
mirror of https://gitlab.com/comunic/comunicmobile synced 2025-06-19 08:15:16 +00:00
Code Issues Projects Releases Wiki Activity

Implement password policy for account creation

Browse Source
This commit is contained in:
Pierre HUBERT
2021-02-18 18:20:50 +01:00
parent 482e938744
commit 277c08048d
4 changed files with 232 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
lib/ui/routes/create_account_route.dart
View File

@ -1,6 +1,9 @@
import 'package:comunic/helpers/account_helper.dart';
import 'package:comunic/helpers/server_config_helper.dart';
import 'package:comunic/models/config.dart';
import 'package:comunic/models/new_account.dart';
import 'package:comunic/ui/widgets/async_screen_widget.dart';
import 'package:comunic/ui/widgets/new_password_input_widget.dart';
import 'package:comunic/utils/input_utils.dart';
import 'package:comunic/utils/intl_utils.dart';
import 'package:comunic/utils/ui_utils.dart';
@ -34,7 +37,7 @@ class __CreateAccountRouteBodyState extends State<_CreateAccountRouteBody> {
final _firstNameController = TextEditingController();
final _lastNameController = TextEditingController();
final _emailController = TextEditingController();
final _passwordController = TextEditingController();
final _passwordInputKey = GlobalKey<NewPasswordInputWidgetState>();
final _verifyPasswordController = TextEditingController();
bool _acceptedTOS = false;
@ -49,10 +52,11 @@ class __CreateAccountRouteBodyState extends State<_CreateAccountRouteBody> {
bool get _isEmailValid => validateEmail(_emailController.text);
bool get _isPasswordValid => _passwordController.text.length > 3;
bool get _isPasswordValid => _passwordInputKey.currentState.valid;
bool get _isPasswordConfirmationValid =>
_passwordController.text == _verifyPasswordController.text;
_passwordInputKey.currentState != null &&
_passwordInputKey.currentState.value == _verifyPasswordController.text;
bool get _isFormValid =>
_isFirstNameValid &&
@ -69,10 +73,16 @@ class __CreateAccountRouteBodyState extends State<_CreateAccountRouteBody> {
? tr(
"Too many accounts have been created from this IP address for now. Please try again later.")
: tr(
"An error occured while creating your account. Please try again.");
"An error occurred while creating your account. Please try again.");
@override
Widget build(BuildContext context) {
Widget build(BuildContext context) => AsyncScreenWidget(
onReload: () => ServerConfigurationHelper.ensureLoaded(),
onBuild: () => _buildForm(),
errorMessage: tr("Failed to load server configuration !"),
);
Widget _buildForm() {
if (_isCreating)
return Center(
child: CircularProgressIndicator(),
@ -124,15 +134,14 @@ class __CreateAccountRouteBodyState extends State<_CreateAccountRouteBody> {
),
// Password
_InputEntry(
controller: _passwordController,
NewPasswordInputWidget(
key: _passwordInputKey,
label: tr("Password"),
onEdited: _updateUI,
icon: Icon(Icons.lock),
isPassword: true,
error: _showErrors && !_isPasswordValid
? tr("Invalid password!")
: null,
email: _emailController.text,
firstName: _firstNameController.text,
lastName: _lastNameController.text,
),
// Verify password
@ -206,7 +215,7 @@ class __CreateAccountRouteBodyState extends State<_CreateAccountRouteBody> {
firstName: _firstNameController.text,
lastName: _lastNameController.text,
email: _emailController.text,
password: _passwordController.text,
password: _passwordInputKey.currentState.value,
));
setState(() {

164
lib/ui/widgets/new_password_input_widget.dart Normal file
View File

@ -0,0 +1,164 @@
import 'package:comunic/helpers/server_config_helper.dart';
import 'package:comunic/models/server_config.dart';
import 'package:comunic/models/user.dart';
import 'package:comunic/utils/intl_utils.dart';
import 'package:comunic/utils/ui_utils.dart';
import 'package:flutter/material.dart';
/// New password input widget
///
/// @author Pierre Hubert
class NewPasswordInputWidget extends StatefulWidget {
final Widget icon;
final VoidCallback onEdited;
final String label;
final User user;
final String firstName;
final String lastName;
final String email;
const NewPasswordInputWidget({
Key key,
this.icon,
this.onEdited,
@required this.label,
this.user,
this.firstName,
this.lastName,
this.email,
}) : super(key: key);
@override
NewPasswordInputWidgetState createState() => NewPasswordInputWidgetState();
}
class NewPasswordInputWidgetState extends State<NewPasswordInputWidget> {
final TextEditingController _controller = TextEditingController();
bool _ready = false;
String get value => _controller.text;
bool get valid => _ready && value.isNotEmpty && (_errorMessage ?? "").isEmpty;
PasswordPolicy get _policy => ServerConfigurationHelper.config.passwordPolicy;
@override
void initState() {
super.initState();
_init();
}
/// Make sure server configuration is loaded
void _init() async {
try {
await ServerConfigurationHelper.ensureLoaded();
setState(() => _ready = true);
} catch (e, s) {
print("Failed to initialize NewPasswordInputWidget! : $e - $s");
showSimpleSnack(context, tr("Failed to retrieve server configuration!"));
}
}
@override
void didUpdateWidget(covariant NewPasswordInputWidget oldWidget) {
super.didUpdateWidget(oldWidget);
setState(() {});
}
@override
Widget build(BuildContext context) => TextField(
controller: _controller,
obscureText: true,
onChanged: (s) => _onChanged(),
decoration: InputDecoration(
errorText: _errorMessage,
errorMaxLines: 3,
icon: widget.icon,
labelText: widget.label,
),
);
void _onChanged() {
setState(() {});
if (widget.onEdited != null) widget.onEdited();
}
/// Generate an error message associated with current password
String get _errorMessage {
if (!_ready || value.isEmpty) return null;
// Mandatory checks
if (!_policy.allowMailInPassword &&
(widget.email ?? "").isNotEmpty &&
(widget.email.toLowerCase().contains(value.toLowerCase()) ||
value.toLowerCase().contains(widget.email.toLowerCase()))) {
return tr("Your password must not contains part of your email address!");
}
if (!_policy.allowMailInPassword &&
(widget.email ?? "").isNotEmpty &&
(widget.email.toLowerCase().contains(value.toLowerCase()) ||
value.toLowerCase().contains(widget.email.toLowerCase()))) {
return tr("Your password must not contains part of your email address!");
}
if (!_policy.allowNameInPassword &&
(widget.firstName ?? "").isNotEmpty &&
value.toLowerCase().contains(widget.firstName.toLowerCase())) {
return tr("Your password must not contains your first name!");
}
if (!_policy.allowNameInPassword &&
(widget.lastName ?? "").isNotEmpty &&
value.toLowerCase().contains(widget.lastName.toLowerCase())) {
return tr("Your password must not contains your last name!");
}
if (_policy.minPasswordLength > value.length) {
return tr(
"Your password must be composed of at least %num% characters!",
args: {
"num": _policy.minPasswordLength.toString(),
},
);
}
// Characteristics check
var count = 0;
if (_hasCharacteristic(RegExp(r'[A-Z]'), _policy.minNumberUpperCaseLetters))
count++;
if (_hasCharacteristic(RegExp(r'[a-z]'), _policy.minNumberLowerCaseLetters))
count++;
if (_hasCharacteristic(RegExp(r'[0-9]'), _policy.minNumberDigits)) count++;
if (_hasCharacteristic(
RegExp(r'[^A-Za-z0-9]'), _policy.minNumberSpecialCharacters)) count++;
if (count >= _policy.minCategoriesPresence) return null;
return tr(
"Your password must contains characters of at least %num% of the following categories : %upper% upper case letter, %lower% lowercase letter, %digit% digit, %special% special character.",
args: {
"num": (_policy.minCategoriesPresence == 4
? tr("ALL")
: _policy.minCategoriesPresence.toString()),
"upper": _policy.minNumberUpperCaseLetters.toString(),
"lower": _policy.minNumberLowerCaseLetters.toString(),
"digit": _policy.minNumberDigits.toString(),
"special": _policy.minNumberSpecialCharacters.toString(),
},
);
}
bool _hasCharacteristic(RegExp exp, int requiredCount) {
if (requiredCount < 1) return true;
return exp.allMatches(value).length >= requiredCount;
}
}