Commit 466b6a32 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛
Browse files

Avoid to store passwords (#2557)

parent c084cc28
Pipeline #14466 passed with stage
in 11 minutes and 12 seconds
......@@ -244,6 +244,7 @@ sub display {
PING => $self->conf->{portalPingInterval},
REQUIRE_OLDPASSWORD =>
$self->requireOldPwd->( $req, $req->userData ),
DONT_STORE_PASSWORD => $self->conf->{browsersDontStorePassword},
HIDE_OLDPASSWORD => 0,
PPOLICY_NOPOLICY => !$self->isPP(),
DISPLAY_PPOLICY => $self->conf->{portalDisplayPasswordPolicy},
......@@ -443,6 +444,7 @@ sub display {
$req->data->{oldpassword} ) ? ""
: $req->data->{oldpassword},
HIDE_OLDPASSWORD => $self->conf->{hideOldPassword},
DONT_STORE_PASSWORD => $self->conf->{browsersDontStorePassword},
PPOLICY_NOPOLICY => !$self->isPP(),
DISPLAY_PPOLICY => $self->conf->{portalDisplayPasswordPolicy},
PPOLICY_MINSIZE => $self->conf->{passwordPolicyMinSize},
......
......@@ -537,25 +537,50 @@ $(window).on 'load', () ->
# Functions to show/hide change password inputs
$('#show-hide-button').on 'click', () ->
if $("#newpassword").attr('type') == 'password'
console.log 'Show passwords'
$("#newpassword").attr('type', 'input')
$("#confirmpassword").attr('type', 'input')
$("#show-hide-icon-button").toggleClass("fa-eye fa-eye-slash")
if $("#newpassword").attr('autocomplete') == 'off'
if $("#newpassword").attr('class') == 'form-control key' || $("#confirmpassword").attr('class') == 'form-control key'
console.log 'Show passwords'
$("#newpassword").attr('class', 'form-control')
$("#confirmpassword").attr('class', 'form-control')
$("#show-hide-icon-button").attr('class', 'fa fa-eye-slash')
else
console.log 'Hide passwords'
$("#newpassword").attr('class', 'form-control key') if $("#newpassword").get(0).value
$("#confirmpassword").attr('class', 'form-control key') if $("#confirmpassword").get(0).value
$("#show-hide-icon-button").attr('class', 'fa fa-eye') if ($("#newpassword").get(0).value || $("#confirmpassword").get(0).value)
else
console.log 'Hide passwords'
$("#newpassword").attr('type', 'password')
$("#confirmpassword").attr('type', 'password')
$("#show-hide-icon-button").toggleClass("fa-eye fa-eye-slash")
if $("#newpassword").attr('type') == 'password'
console.log 'Show passwords'
$("#newpassword").attr('type', 'text')
$("#confirmpassword").attr('type', 'text')
$("#show-hide-icon-button").attr('class', 'fa fa-eye-slash')
else
console.log 'Hide passwords'
$("#newpassword").attr('type', 'password')
$("#confirmpassword").attr('type', 'password')
$("#show-hide-icon-button").attr('class', 'fa fa-eye')
# Functions to show/hide placeholder password inputs
$('#passwordfield').on 'input', () ->
if $('#passwordfield').get(0).value && $('#passwordfield').attr('type') == 'text'
$("#passwordfield").removeClass 'form-control'
$("#passwordfield").addClass 'form-control key'
if $('#passwordfield').get(0).value && $("#passwordfield").attr('autocomplete') == 'off'
$("#passwordfield").attr('class', 'form-control key')
else
$("#passwordfield").attr('class', 'form-control')
$('#oldpassword').on 'input', () ->
if $('#oldpassword').get(0).value && $('#oldpassword').attr('autocomplete') == 'off'
$("#oldpassword").attr('class', 'form-control key')
else
$("#oldpassword").attr('class', 'form-control')
$('#newpassword').on 'input', () ->
if $('#newpassword').get(0).value && $('#newpassword').attr('autocomplete') == 'off'
$("#newpassword").attr('class', 'form-control key') if $("#show-hide-icon-button").attr('class') == 'fa fa-eye'
else
$("#newpassword").attr('class', 'form-control')
$('#confirmpassword').on 'input', () ->
if $('#confirmpassword').get(0).value && $('#confirmpassword').attr('autocomplete') == 'off'
$("#confirmpassword").attr('class', 'form-control key') if $("#show-hide-icon-button").attr('class') == 'fa fa-eye'
else
$("#passwordfield").removeClass 'form-control key'
$("#passwordfield").addClass 'form-control'
$("#confirmpassword").attr('class', 'form-control')
#$('#formpass').on 'submit', changePwd
......
......@@ -583,25 +583,68 @@ LemonLDAP::NG Portal jQuery scripts
return removeOidcConsent($(this).attr('partner'));
});
$('#show-hide-button').on('click', function() {
if ($("#newpassword").attr('type') === 'password') {
console.log('Show passwords');
$("#newpassword").attr('type', 'input');
$("#confirmpassword").attr('type', 'input');
return $("#show-hide-icon-button").toggleClass("fa-eye fa-eye-slash");
if ($("#newpassword").attr('autocomplete') === 'off') {
if ($("#newpassword").attr('class') === 'form-control key' || $("#confirmpassword").attr('class') === 'form-control key') {
console.log('Show passwords');
$("#newpassword").attr('class', 'form-control');
$("#confirmpassword").attr('class', 'form-control');
return $("#show-hide-icon-button").attr('class', 'fa fa-eye-slash');
} else {
console.log('Hide passwords');
if ($("#newpassword").get(0).value) {
$("#newpassword").attr('class', 'form-control key');
}
if ($("#confirmpassword").get(0).value) {
$("#confirmpassword").attr('class', 'form-control key');
}
if ($("#newpassword").get(0).value || $("#confirmpassword").get(0).value) {
return $("#show-hide-icon-button").attr('class', 'fa fa-eye');
}
}
} else {
console.log('Hide passwords');
$("#newpassword").attr('type', 'password');
$("#confirmpassword").attr('type', 'password');
return $("#show-hide-icon-button").toggleClass("fa-eye fa-eye-slash");
if ($("#newpassword").attr('type') === 'password') {
console.log('Show passwords');
$("#newpassword").attr('type', 'text');
$("#confirmpassword").attr('type', 'text');
return $("#show-hide-icon-button").attr('class', 'fa fa-eye-slash');
} else {
console.log('Hide passwords');
$("#newpassword").attr('type', 'password');
$("#confirmpassword").attr('type', 'password');
return $("#show-hide-icon-button").attr('class', 'fa fa-eye');
}
}
});
$('#passwordfield').on('input', function() {
if ($('#passwordfield').get(0).value && $('#passwordfield').attr('type') === 'text') {
$("#passwordfield").removeClass('form-control');
return $("#passwordfield").addClass('form-control key');
if ($('#passwordfield').get(0).value && $("#passwordfield").attr('autocomplete') === 'off') {
return $("#passwordfield").attr('class', 'form-control key');
} else {
return $("#passwordfield").attr('class', 'form-control');
}
});
$('#oldpassword').on('input', function() {
if ($('#oldpassword').get(0).value && $('#oldpassword').attr('autocomplete') === 'off') {
return $("#oldpassword").attr('class', 'form-control key');
} else {
return $("#oldpassword").attr('class', 'form-control');
}
});
$('#newpassword').on('input', function() {
if ($('#newpassword').get(0).value && $('#newpassword').attr('autocomplete') === 'off') {
if ($("#show-hide-icon-button").attr('class') === 'fa fa-eye') {
return $("#newpassword").attr('class', 'form-control key');
}
} else {
return $("#newpassword").attr('class', 'form-control');
}
});
$('#confirmpassword').on('input', function() {
if ($('#confirmpassword').get(0).value && $('#confirmpassword').attr('autocomplete') === 'off') {
if ($("#show-hide-icon-button").attr('class') === 'fa fa-eye') {
return $("#confirmpassword").attr('class', 'form-control key');
}
} else {
$("#passwordfield").removeClass('form-control key');
return $("#passwordfield").addClass('form-control');
return $("#confirmpassword").attr('class', 'form-control');
}
});
$('#resetfinduserform').on('click', function() {
......
......@@ -26,7 +26,6 @@
</TMPL_IF>
<TMPL_IF NAME="REQUIRE_OLDPASSWORD">
<TMPL_IF NAME="HIDE_OLDPASSWORD">
<input id="oldpassword" name="oldpassword" type="hidden" value="<TMPL_VAR NAME=OLDPASSWORD>" aria-required="true">
<TMPL_ELSE>
......@@ -34,10 +33,13 @@
<div class="input-group-prepend">
<span class="input-group-text"><label for="oldpassword" class="mb-0"><i class="fa fa-lock"></i></label></span>
</div>
<input id="oldpassword" name="oldpassword" type="password" value="<TMPL_VAR NAME=OLDPASSWORD>" class="form-control" trplaceholder="currentPwd" required aria-required="true">
<TMPL_IF NAME="DONT_STORE_PASSWORD">
<input id="oldpassword" name="oldpassword" type="text" value="<TMPL_VAR NAME=OLDPASSWORD>" class="form-control" trplaceholder="currentPwd" autocomplete="off" required aria-required="true">
<TMPL_ELSE>
<input id="oldpassword" name="oldpassword" type="password" value="<TMPL_VAR NAME=OLDPASSWORD>" class="form-control" trplaceholder="currentPwd" required aria-required="true">
</TMPL_IF>
</div>
</TMPL_IF>
</TMPL_IF>
<TMPL_IF NAME="DISPLAY_PPOLICY"><TMPL_INCLUDE NAME="passwordpolicy.tpl"></TMPL_IF>
......@@ -46,15 +48,22 @@
<div class="input-group-prepend">
<span class="input-group-text"><label for="newpassword" class="mb-0"><i class="fa fa-lock"></i></label></span>
</div>
<input id="newpassword" name="newpassword" type="password" class="form-control" trplaceholder="newPassword" required aria-required="true"/>
<TMPL_IF NAME="DONT_STORE_PASSWORD">
<input id="newpassword" name="newpassword" type="text" class="form-control" trplaceholder="newPassword" autocomplete="off" required aria-required="true"/>
<TMPL_ELSE>
<input id="newpassword" name="newpassword" type="password" class="form-control" trplaceholder="newPassword" required aria-required="true"/>
</TMPL_IF>
</div>
<div class="form-group input-group">
<div class="input-group-prepend">
<span class="input-group-text"><label for="confirmpassword" class="mb-0"><i class="fa fa-lock"></i></label></span>
</div>
<input id="confirmpassword" name="confirmpassword" type="password" class="form-control" trplaceholder="confirmPwd" required aria-required="true"/>
<TMPL_IF NAME="DONT_STORE_PASSWORD">
<input id="confirmpassword" name="confirmpassword" type="text" class="form-control" trplaceholder="confirmPwd" autocomplete="off" required aria-required="true"/>
<TMPL_ELSE>
<input id="confirmpassword" name="confirmpassword" type="password" class="form-control" trplaceholder="confirmPwd" required aria-required="true"/>
</TMPL_IF>
</div>
<div class="buttons">
<button type="submit" class="btn btn-success">
<span class="fa fa-check-circle"></span>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment