2020-05-14 11:48:57 +02:00
|
|
|
package model
|
|
|
|
|
2020-05-29 08:44:01 +02:00
|
|
|
import (
|
|
|
|
caos_errs "github.com/caos/zitadel/internal/errors"
|
|
|
|
"github.com/caos/zitadel/internal/eventstore/models"
|
|
|
|
"regexp"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
hasStringLowerCase = regexp.MustCompile(`[a-z]`).MatchString
|
|
|
|
hasStringUpperCase = regexp.MustCompile(`[A-Z]`).MatchString
|
|
|
|
hasNumber = regexp.MustCompile(`[0-9]`).MatchString
|
|
|
|
hasSymbol = regexp.MustCompile(`[^A-Za-z0-9]`).MatchString
|
|
|
|
)
|
2020-05-14 11:48:57 +02:00
|
|
|
|
|
|
|
type PasswordComplexityPolicy struct {
|
|
|
|
models.ObjectRoot
|
|
|
|
|
|
|
|
Description string
|
|
|
|
State PolicyState
|
|
|
|
MinLength uint64
|
|
|
|
HasLowercase bool
|
|
|
|
HasUppercase bool
|
|
|
|
HasNumber bool
|
|
|
|
HasSymbol bool
|
|
|
|
}
|
|
|
|
|
2020-07-22 16:15:11 +02:00
|
|
|
func (p *PasswordComplexityPolicy) IsValid() error {
|
|
|
|
if p.MinLength == 0 || p.MinLength > 72 {
|
|
|
|
return caos_errs.ThrowInvalidArgument(nil, "MODEL-Lsp0e", "Errors.User.PasswordComplexityPolicy.MinLengthNotAllowed")
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2020-05-29 08:44:01 +02:00
|
|
|
func (p *PasswordComplexityPolicy) Check(password string) error {
|
|
|
|
if p.MinLength != 0 && uint64(len(password)) < p.MinLength {
|
2020-06-11 13:22:24 +02:00
|
|
|
return caos_errs.ThrowInvalidArgument(nil, "MODEL-HuJf6", "Errors.User.PasswordComplexityPolicy.MinLength")
|
2020-05-29 08:44:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if p.HasLowercase && !hasStringLowerCase(password) {
|
2020-06-11 13:22:24 +02:00
|
|
|
return caos_errs.ThrowInvalidArgument(nil, "MODEL-co3Xw", "Errors.User.PasswordComplexityPolicy.HasLower")
|
2020-05-29 08:44:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if p.HasUppercase && !hasStringUpperCase(password) {
|
2020-06-11 13:22:24 +02:00
|
|
|
return caos_errs.ThrowInvalidArgument(nil, "MODEL-VoaRj", "Errors.User.PasswordComplexityPolicy.HasUpper")
|
2020-05-29 08:44:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if p.HasNumber && !hasNumber(password) {
|
2020-06-11 13:22:24 +02:00
|
|
|
return caos_errs.ThrowInvalidArgument(nil, "MODEL-ZBv4H", "Errors.User.PasswordComplexityPolicy.HasNumber")
|
2020-05-29 08:44:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if p.HasSymbol && !hasSymbol(password) {
|
2020-06-11 13:22:24 +02:00
|
|
|
return caos_errs.ThrowInvalidArgument(nil, "MODEL-ZDLwA", "Errors.User.PasswordComplexityPolicy.HasSymbol")
|
2020-05-29 08:44:01 +02:00
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|