Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions src/ppolicy/html/policy.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,14 @@
</li>
{/if}

<!-- pwd_forbidden_ldap_fields criteria -->
{if $pwd_forbidden_ldap_fields && $use_restapi}
<li>
<i id="ppolicy-pwd_forbidden_ldap_fields-feedback" class="fa fa-li"> </i>
{$msg_policyforbiddenldapfields|unescape: "html" nofilter}
</li>
{/if}

<!-- use_pwnedpasswords criteria -->
{if $use_pwnedpasswords }
<li>
Expand Down
89 changes: 89 additions & 0 deletions src/ppolicy/js/ppolicy.js
Original file line number Diff line number Diff line change
@@ -1,3 +1,61 @@
const PWD_VALIDATE_FORBIDDEN_LDAP_API = "/rest/v1/validatepassword.php";

let debounceTimeout;
let storedLogin = '';
let storedPassword = '';

const isPasswordValid = async () => {
const response = await fetch(PWD_VALIDATE_FORBIDDEN_LDAP_API, {
method: "POST",
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
body: new URLSearchParams({
'login': storedLogin,
'password': storedPassword
}).toString(),
});

const rawResponse = await response.text();
const parsedResponse = JSON.parse(rawResponse);

if (response.ok) {
return parsedResponse['isValid'];
}
else if (response.status === 404) {
return true;
}
else if (response.status === 400) {
console.log("Error while trying to query " + PWD_VALIDATE_FORBIDDEN_LDAP_API + " api endpoint : invalid request");
console.log(parsedResponse['message']);
return true;
}
else {
console.log("Error while trying to query " + PWD_VALIDATE_FORBIDDEN_LDAP_API + " api endpoint : server error");
console.log(parsedResponse['message']);
return true;
}
}

const apiCallTimeout = async () => {
const isValid = await isPasswordValid()

if(isValid) {
setResult('ppolicy-pwd_forbidden_ldap_fields-feedback', "good");
} else {
setResult('ppolicy-pwd_forbidden_ldap_fields-feedback', "bad");
}
}

const updatePwdForbiddenLdapFeedback = () => {
if(!storedLogin.length || !storedPassword.length) {
setResult('ppolicy-pwd_forbidden_ldap_fields-feedback', "good");
return
}
setResult('ppolicy-pwd_forbidden_ldap_fields-feedback', "waiting");

clearTimeout(debounceTimeout);
debounceTimeout = setTimeout(apiCallTimeout, 1000);
}

(function() {
var barWidth, bootstrapClasses, displayEntropyBar, displayEntropyBarMsg, ppolicyResults;

Expand Down Expand Up @@ -215,6 +273,10 @@
}
}

if (local_policy.pwd_forbidden_ldap_fields && local_policy.use_restapi) {
updatePwdForbiddenLdapFeedback();
}

if (local_policy.pwd_diff_last_min_chars > 0) {
if( $( "#oldpassword" ).length )
{
Expand Down Expand Up @@ -363,6 +425,11 @@
}
});

$(document).on('loginchanged', function(event, context) {
storedLogin = context.login;
updatePwdForbiddenLdapFeedback();
});



checkpassword = function(password, evType) {
Expand All @@ -373,8 +440,30 @@
evType: evType,
setResult: setResult
};
storedPassword = password;
return $(document).trigger(e, info);
};

changelogin = function(login) {
var e, info
e = jQuery.Event("loginchanged");
info = {
login: login
};
return $(document).trigger(e, info);
}

if ( local_policy != null && local_policy.pwd_forbidden_ldap_fields && local_policy.use_restapi && $('#login').length ) {
changelogin($('#login').val());

$('#login').keyup(function(e) {
changelogin(e.target.value);
});
$('#login').focusout(function(e) {
changelogin(e.target.value);
});
}

if ( (local_policy != null) && $('#newpassword').length) {
checkpassword('');
$('#newpassword').keyup(function(e) {
Expand Down