From aa2bfac3e51007ab0573edaf84ad09d68cba0b77 Mon Sep 17 00:00:00 2001 From: Miguel N Date: Wed, 6 Jan 2021 03:48:14 +0000 Subject: [PATCH] Show current pw policy in register page Also adds a warning for when pw policy is set to off --- .../Controllers/Auth/RegisterController.php | 2 +- resources/views/auth/register.blade.php | 66 ++++++++++++------- .../administration/settings.blade.php | 20 ++++++ 3 files changed, 63 insertions(+), 25 deletions(-) diff --git a/app/Http/Controllers/Auth/RegisterController.php b/app/Http/Controllers/Auth/RegisterController.php index 8e8c0cd..41af9f2 100755 --- a/app/Http/Controllers/Auth/RegisterController.php +++ b/app/Http/Controllers/Auth/RegisterController.php @@ -94,7 +94,7 @@ class RegisterController extends Controller break; case 'medium': - $password = ['required', 'string', 'confirmed', 'regex:/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[#?!@$%^&*-]).{10,}$/']; + $password = ['required', 'string', 'confirmed', 'regex:/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[#?!@$%^&*-]).{12,}$/']; break; case 'high': diff --git a/resources/views/auth/register.blade.php b/resources/views/auth/register.blade.php index 299c279..f04ad44 100755 --- a/resources/views/auth/register.blade.php +++ b/resources/views/auth/register.blade.php @@ -14,27 +14,41 @@ {{ config('adminlte.logo') }}

{{__('messages.register_acc')}}

-
- × -

{{__('messages.pwsec.line1')}}

-

{{__('messages.pwsec.line2')}}

+ + @if(\App\Facades\Options::getOption('pw_security_policy') !== 'off') + +
+ × +

{{__('messages.pwsec.line1')}}

+

{{__('messages.pwsec.line2')}}

+ +

{{__('messages.pwsec.line3')}}

+
    + @switch(\App\Facades\Options::getOption('pw_security_policy')) + + @case('low') +
  • A minimum of 10 characters
    • + @break + + @case('medium') +
  • A minimum of 12 characters;
    • +
  • At least one special character;
    • +
  • Lower case and upper case characters
    • + @break + + @case('high') +
  • A minimum of 20 characters;
    • +
  • At least one special character;
    • +
  • Lower case and upper case characters
    • +
  • At least one numerical character
    • + @break + + @endswitch +
+
+ + @endif -

{{__('messages.pwsec.line3')}}

- -
@csrf
@@ -54,10 +68,14 @@
-
- - -
+ + @if(\App\Facades\Options::getOption('requireGameLicense') && \App\Facades\Options::getOption('currentGame') == 'MINECRAFT') +
+ + +
+ @endif +

{{__('messages.have_account')}} {{__('messages.login_here')}}

diff --git a/resources/views/dashboard/administration/settings.blade.php b/resources/views/dashboard/administration/settings.blade.php index 39a77ea..8bccefa 100755 --- a/resources/views/dashboard/administration/settings.blade.php +++ b/resources/views/dashboard/administration/settings.blade.php @@ -90,6 +90,26 @@ + @if($security['secPolicy'] == 'off') + +
+ +
+ +
+ +

DANGER: Insecure security policy

+ +

Your current password security policy is set to off. This allows users to choose potentially unsafe passwords.

+

We strongly recommend you update this value to Low or Medium.

+ +
+ +
+ +
+ + @endif