Commit 0f88011

Check for minimum password length upon self registration.
Fixes #2458.
1 parent 93f05c3 commit 0f88011

4 files changed

+24
-5
lines changed

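--- a/webapp/src/Controller/SecurityController.php
+++ b/webapp/src/Controller/SecurityController.php
@@ -2,6 +2,7 @@
 
 namespace App\Controller;
 
+use App\Controller\Jury\UserController;
 use App\Entity\Team;
 use App\Entity\TeamAffiliation;
 use App\Entity\TeamCategory;
@@ -12,6 +13,7 @@
 use Doctrine\ORM\EntityManagerInterface;
 use Ramsey\Uuid\Uuid;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\Form\FormInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Exception\HttpException;
@@ -103,7 +105,12 @@ public function registerAction(
 $registration_form->handleRequest($request);
 if ($registration_form->isSubmitted() && $registration_form->isValid()) {
 $plainPass = $registration_form->get('plainPassword')->getData();
-$password = $passwordHasher->hashPassword($user, $plainPass);
+if (strlen($plainPass) < UserController::MIN_PASSWORD_LENGTH) {
+$this->addFlash('danger', "Password should be " . UserController::MIN_PASSWORD_LENGTH . "+ chars.");
+return $this->redirectToRoute('register');
+}
+
+$password = $passwordHasher->hashPassword($user, $plainPass);
 $user->setPassword($password);
 if ($user->getName() === null) {
 $user->setName($user->getUsername());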
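Review bot: `strlen($plainPass)` in the added guard counts bytes, while the flash message promises a number of characters, so a password made of multi-byte characters passes with fewer characters than `UserController::MIN_PASSWORD_LENGTH`. If the policy is meant in characters, `if (mb_strlen($plainPass) < UserController::MIN_PASSWORD_LENGTH) {` matches the message; whichever unit is chosen should agree with the jury-side check that owns the constant, which is not visible on this page. `getData()` may also return null for an empty field, which would presumably need a null guard before the length call; this should be confirmed against the form definition. The body of registerAction starts and ends outside this hunk.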

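--- a/webapp/src/Form/Type/UserRegistrationType.php
+++ b/webapp/src/Form/Type/UserRegistrationType.php
@@ -2,6 +2,7 @@
 
 namespace App\Form\Type;
 
+use App\Controller\Jury\UserController;
 use App\Entity\Role;
 use App\Entity\Team;
 use App\Entity\TeamAffiliation;
@@ -171,6 +172,7 @@ public function buildForm(FormBuilderInterface $builder, array $options): void
 'placeholder' => 'Password',
 'autocomplete' => 'new-password',
 'spellcheck' => 'false',
+'minlength' => UserController::MIN_PASSWORD_LENGTH,
 ],
 ],
 'second_options' => [
@@ -179,6 +181,7 @@ public function buildForm(FormBuilderInterface $builder, array $options): void
 'placeholder' => 'Repeat Password',
 'autocomplete' => 'new-password',
 'spellcheck' => 'false',
+'minlength' => UserController::MIN_PASSWORD_LENGTH,
 ],
 ],
 'mapped' => false,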
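Review bot: The `minlength` entries added to both `attr` arrays are only a browser-side hint, so server-side enforcement of the minimum lives solely in the controller's manual check after `isValid()`. Declaring the rule on the field itself, e.g. `'constraints' => [new Length(['min' => UserController::MIN_PASSWORD_LENGTH])],` on the `plainPassword` field (with `use Symfony\Component\Validator\Constraints\Length;`), would make `isValid()` reject short passwords, attach the error to the field and keep the rest of the submitted data instead of redirecting to an empty form. It would also apply to any other code path that builds this form type. buildForm's body starts and ends outside these hunks, so the exact option level for `constraints` has to be checked against the full field definition.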

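--- a/webapp/templates/security/register.html.twig
+++ b/webapp/templates/security/register.html.twig
@@ -13,6 +13,15 @@
 <main>
 <div style="text-align: center;">
 <img class="mb-4" src="{{ asset('images/DOMjudgelogo.svg') }}" alt="DOMjudge" width="72">
+</div>
+<div class="container-fluid">
+<div class="row">
+<div class="col-12">
+{% block messages %}
+{% include 'partials/messages.html.twig' %}
+{% endblock %}
+</div>
+</div>
 </div>
 {{ form_start(registration_form, { 'attr': {'class': 'form-signin'} }) }}
 <h1 class="h3 mb-3 fw-normal">Register Account</h1>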

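--- a/webapp/tests/Unit/Controller/PublicControllerTest.php
+++ b/webapp/tests/Unit/Controller/PublicControllerTest.php
@@ -210,17 +210,17 @@ public function selfRegisterProvider(): Generator
 continue;
 }
 yield[['username'=>'minimaluser', 'teamName'=>'NewTeam','affiliation'=>'none'],'shirt-recognize-bar-together', $fixtures, $category];
-yield[['username'=>'bruteforce', 'teamName'=>'Fib(4)','affiliation'=>'none'],'0112', $fixtures, $category];
-yield[['username'=>'fullUser', 'name'=>'Full User', 'email'=>'[email protected]','teamName'=>'Trial','affiliation'=>'none'],'.', $fixtures, $category];
+yield[['username'=>'bruteforce', 'teamName'=>'Fib(4)','affiliation'=>'none'],'0112345678', $fixtures, $category];
+yield[['username'=>'fullUser', 'name'=>'Full User', 'email'=>'[email protected]','teamName'=>'Trial','affiliation'=>'none'],'..........', $fixtures, $category];
 yield[['username'=>'student@', 'teamName'=>'Student@Uni',
 'affiliation'=>'new','affiliationName'=>'NewUni','affiliationShortName'=>'nu'],'p@ssword_Is_long', $fixtures, $category];
 yield[['username'=>'winner@', 'teamName'=>'FunnyTeamname',
 'affiliation'=>'new','affiliationName'=>'SomeUni','affiliationShortName'=>'su','affiliationCountry'=>'SUR'],'p@ssword_Is_long', $fixtures, $category];
 yield[['username'=>'klasse', 'teamName'=>'Klasse', 'affiliation'=>'existing','existingAffiliation'=>'1'],'p@ssword_Is_long', $fixtures, $category];
 yield[['username'=>'newinstsamecountry', 'name'=>'CompetingDutchTeam', 'teamName'=>'SupperT3@m','affiliation'=>'new','affiliationName'=>'Vrije Universiteit',
-'affiliationShortName'=>'vu','affiliationCountry'=>'NLD'],'demo', $fixtures, $category];
+'affiliationShortName'=>'vu','affiliationCountry'=>'NLD'],'demodemodemo', $fixtures, $category];
 if (count($fixtures)===1) {
-yield[['username'=>'reusevaluesofexistinguser', 'name'=>'selfregistered user for example team','email'=>'[email protected]','teamName'=>'EasyEnough','affiliation'=>'none'],'demo', [...$fixtures, SelfRegisteredUserFixture::class],''];
+yield[['username'=>'reusevaluesofexistinguser', 'name'=>'selfregistered user for example team','email'=>'[email protected]','teamName'=>'EasyEnough','affiliation'=>'none'],'demodemodemo', [...$fixtures, SelfRegisteredUserFixture::class],''];
 }
 }
 }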
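Review bot: No case in selfRegisterProvider exercises the new rejection path: the four short passwords are only lengthened so the existing success cases keep passing, and nothing asserts that a too-short password is refused. A separate test or provider that submits a password shorter than `UserController::MIN_PASSWORD_LENGTH` and checks for the redirect to `register`, the `danger` flash text and the absence of the new user would pin the behaviour this commit adds. A boundary case at exactly the minimum length would also guard against an off-by-one in the comparison. The provider's body begins outside this hunk.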
