diff --git a/Makefile b/Makefile
index 98e92d0..7e09867 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,5 @@
REPO=npenkov/docker-ldap-passwd-webui
-VER=1.0
+VER=1.2
.PHONY: all build push
diff --git a/README.md b/README.md
index b19a63f..a79e493 100644
--- a/README.md
+++ b/README.md
@@ -16,6 +16,8 @@ docker run -d -p 8080:8080 --name ldap-passwd-webui \
-e LPW_SSL_SKIP_VERIFY="true" \
-e LPW_USER_DN="uid=%s,ou=people,dc=example,dc=org" \
-e LPW_USER_BASE="ou=people,dc=example,dc=org" \
+ -e LPW_PATTERN='.{8,}' \
+ -e LPW_PATTERN_INFO="Password must be at least 8 characters long." \
npenkov/docker-ldap-passwd-webui:latest
```
diff --git a/app/util.go b/app/util.go
index 187ef06..9c55e5d 100644
--- a/app/util.go
+++ b/app/util.go
@@ -9,6 +9,14 @@ func getTitle() string {
return envStr("LPW_TITLE", "Change your password on example.org")
}
+func getPattern() string {
+ return envStr("LPW_PATTERN", ".{8,}")
+}
+
+func getPatternInfo() string {
+ return envStr("LPW_PATTERN_INFO", "Password must be at least 8 characters long.")
+}
+
func envStr(key, defaultValue string) string {
val := os.Getenv(key)
if val != "" {
diff --git a/app/web.go b/app/web.go
index c8a2ae0..022b710 100644
--- a/app/web.go
+++ b/app/web.go
@@ -43,9 +43,11 @@ func (h *RegexpHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
}
type pageData struct {
- Title string
- Username string
- Alerts map[string]string
+ Title string
+ Pattern string
+ PatternInfo string
+ Username string
+ Alerts map[string]string
}
// ServeAssets : Serves the static assets
@@ -55,7 +57,7 @@ func ServeAssets(w http.ResponseWriter, req *http.Request) {
// ServeIndex : Serves index page on GET request
func ServeIndex(w http.ResponseWriter, req *http.Request) {
- p := &pageData{Title: getTitle()}
+ p := &pageData{Title: getTitle(), Pattern: getPattern(), PatternInfo: getPatternInfo()}
t, e := template.ParseFiles(path.Join("templates", "index.html"))
if e != nil {
log.Printf("Error parsing file %v\n", e)
@@ -76,23 +78,28 @@ func ChangePassword(w http.ResponseWriter, req *http.Request) {
alerts := map[string]string{}
if len(username) < 1 || username[0] == "" {
- alerts["error"] = "Username not specified.
"
+ alerts["error"] = "Username not specified."
} else {
un = username[0]
}
if len(oldPassword) < 1 || oldPassword[0] == "" {
- alerts["error"] = alerts["error"] + "Old password not specified.
"
+ alerts["error"] = alerts["error"] + "Old password not specified."
}
if len(newPassword) < 1 || newPassword[0] == "" {
- alerts["error"] = alerts["error"] + "New password not specified.
"
+ alerts["error"] = alerts["error"] + "New password not specified."
}
if len(confirmPassword) < 1 || confirmPassword[0] == "" {
- alerts["error"] = alerts["error"] + "Confirmation password not specified.
"
+ alerts["error"] = alerts["error"] + "Confirmation password not specified."
}
if len(confirmPassword) >= 1 && len(newPassword) >= 1 && strings.Compare(newPassword[0], confirmPassword[0]) != 0 {
- alerts["error"] = alerts["error"] + "New and confirmation passwords does not match.
"
+ alerts["error"] = alerts["error"] + "New and confirmation passwords does not match."
}
+
+ if m, _ := regexp.MatchString(getPattern(), newPassword[0]); !m {
+ alerts["error"] = alerts["error"] + fmt.Sprintf("%s", getPatternInfo())
+ }
+
if len(alerts) == 0 {
client := NewLDAPClient()
if err := client.ModifyPassword(un, oldPassword[0], newPassword[0]); err != nil {
diff --git a/templates/index.html b/templates/index.html
index c9509ae..9e3d357 100644
--- a/templates/index.html
+++ b/templates/index.html
@@ -24,12 +24,12 @@
+ pattern="{{.Pattern}}" x-moz-errormessage="{{.PatternInfo}}" required>
-
+ pattern="{{.Pattern}}" x-moz-errormessage="{{.PatternInfo}}" required>
+ {{.PatternInfo}}