--- loncom/interface/lonpreferences.pm 2019/04/24 02:00:23 1.229 +++ loncom/interface/lonpreferences.pm 2019/04/30 12:56:23 1.232 @@ -1,7 +1,7 @@ # The LearningOnline Network # Preferences # -# $Id: lonpreferences.pm,v 1.229 2019/04/24 02:00:23 raeburn Exp $ +# $Id: lonpreferences.pm,v 1.232 2019/04/30 12:56:23 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -27,8 +27,6 @@ # # This package uses the "londes.js" javascript code. # -# TODOs that have to be completed: -# interface with lonnet to change the password package Apache::lonpreferences; @@ -1312,7 +1310,7 @@ sub passwordchanger { ); return; } - } else { + } else { $r->print( '

' .&mt('Sorry, the URL generated when you requested reset of' @@ -1621,7 +1619,7 @@ ENDERROR &mt('Please try again.').'',$caller,$mailtoken); return 1; } - } + } if ($newpass1 ne $newpass2) { &passwordchanger($r, ''. @@ -1629,12 +1627,84 @@ ENDERROR &mt('Please try again.').'',$caller,$mailtoken); return 1; } - if (length($newpass1) < 7) { - &passwordchanger($r, - ''. - &mt('Passwords must be a minimum of 7 characters long.').' '. - &mt('Please try again.').'',$caller,$mailtoken); - return 1; + if ($currentauth eq 'unix:') { + if (length($newpass1) < 7) { + &passwordchanger($r, + ''. + &mt('Passwords must be a minimum of 7 characters long.').' '. + &mt('Please try again.').'',$caller,$mailtoken); + return 1; + } + } else { + my %passwdconf = &Apache::lonnet::get_passwdconf($domain); + my ($min,$max,@chars,@brokerule); + if (ref($passwdconf{'chars'}) eq 'ARRAY') { + if ($passwdconf{'min'} =~ /^\d+$/) { + $min = $passwdconf{'min'}; + } + if ($passwdconf{'max'} =~ /^\d+$/) { + $max = $passwdconf{'max'}; + } + @chars = @{$passwdconf{'chars'}}; + } else { + $min = 7; + } + if (($min) && (length($newpass1) < $min)) { + push(@brokerule,'min'); + } + if (($max) && (length($newpass1) > $max)) { + push(@brokerule,'max'); + } + if (@chars) { + my %rules; + map { $rules{$_} = 1; } @chars; + if ($rules{'uc'}) { + unless ($newpass1 =~ /[A-Z]/) { + push(@brokerule,'uc'); + } + } + if ($rules{'lc'}) { + unless ($newpass1 =~ /a-z/) { + push(@brokerule,'lc'); + } + } + if ($rules{'num'}) { + unless ($newpass1 =~ /\d/) { + push(@brokerule,'num'); + } + } + if ($rules{'spec'}) { + unless ($newpass1 =~ /[!"#$%&'()*+,\-.\/:;<=>?@[\\\]^_`{|}~]/) { + push(@brokerule,'spec'); + } + } + } + if (@brokerule) { + my %rulenames = &Apache::lonlocal::texthash( + uc => 'At least one upper case letter', + lc => 'At least one lower case letter', + num => 'At least one number', + spec => 'At least one non-alphanumeric', + ); + $rulenames{'uc'} .= ': ABCDEFGHIJKLMNOPQRSTUVWXYZ'; + $rulenames{'lc'} .= ': abcdefghijklmnopqrstuvwxyz'; + $rulenames{'num'} .= ': 0123456789'; + $rulenames{'spec'} .= ': !"\#$%&\'()*+,-./:;<=>?@[\]^_\`{|}~'; + $rulenames{'min'} = &mt('Minimum password length: [_1]',$min); + $rulenames{'max'} = &mt('Maximum password length: [_1]',$max); + my $warning = &mt('Password did not satisfy the following:').'

'; + &passwordchanger($r,''. + $warning. + &mt('Please try again.').'', + $caller,$mailtoken); + return 1; + } } # # Check for bad characters @@ -1682,8 +1752,14 @@ ENDERROR return $result; } } else { + my $feedback; + if ($result eq 'prioruse') { + $feedback = &mt('Please enter a password that you have not used recently.'); + } else { + $feedback = &mt('Please make sure your old password was entered correctly.'); + } $message = &Apache::lonhtmlcommon::confirm_success( - &mt("The password for user [_1] was not changed.",''.$user.'').' '.&mt('Please make sure your old password was entered correctly.'),1); + &mt("The password for user [_1] was not changed.",''.$user.'').' '.$feedback,1); $message=&Apache::loncommon::confirmwrapper($message); &print_main_menu($r, $message); if (ref($ended)) {