|
@@ -7568,6 +7568,7 @@ namespace Tqdev\PhpCrudApi\Middleware {
|
7568
|
7568
|
$usernameColumnName = $this->getProperty('usernameColumn', 'username');
|
7569
|
7569
|
$usernameColumn = $table->getColumn($usernameColumnName);
|
7570
|
7570
|
$passwordColumnName = $this->getProperty('passwordColumn', 'password');
|
|
7571
|
+ $passwordLength = $this->getProperty('passwordLength', '12');
|
7571
|
7572
|
$pkName = $table->getPk()->getName();
|
7572
|
7573
|
$registerUser = $this->getProperty('registerUser', '');
|
7573
|
7574
|
$condition = new ColumnCondition($usernameColumn, 'eq', $username);
|
|
@@ -7584,6 +7585,9 @@ namespace Tqdev\PhpCrudApi\Middleware {
|
7584
|
7585
|
if (!$registerUser) {
|
7585
|
7586
|
return $this->responder->error(ErrorCode::AUTHENTICATION_FAILED, $username);
|
7586
|
7587
|
}
|
|
7588
|
+ if (strlen($password) < $passwordLength) {
|
|
7589
|
+ return $this->responder->error(ErrorCode::PASSWORD_TOO_SHORT, $passwordLength);
|
|
7590
|
+ }
|
7587
|
7591
|
$users = $this->db->selectAll($table, $columnNames, $condition, $columnOrdering, 0, 1);
|
7588
|
7592
|
if (!empty($users)) {
|
7589
|
7593
|
return $this->responder->error(ErrorCode::USER_ALREADY_EXIST, $username);
|
|
@@ -7618,6 +7622,9 @@ namespace Tqdev\PhpCrudApi\Middleware {
|
7618
|
7622
|
if ($username != ($_SESSION['user'][$usernameColumnName] ?? '')) {
|
7619
|
7623
|
return $this->responder->error(ErrorCode::AUTHENTICATION_FAILED, $username);
|
7620
|
7624
|
}
|
|
7625
|
+ if (strlen($newPassword) < $passwordLength) {
|
|
7626
|
+ return $this->responder->error(ErrorCode::PASSWORD_TOO_SHORT, $passwordLength);
|
|
7627
|
+ }
|
7621
|
7628
|
$users = $this->db->selectAll($table, $columnNames, $condition, $columnOrdering, 0, 1);
|
7622
|
7629
|
foreach ($users as $user) {
|
7623
|
7630
|
if (password_verify($password, $user[$passwordColumnName]) == 1) {
|
|
@@ -9962,6 +9969,7 @@ namespace Tqdev\PhpCrudApi\Record {
|
9962
|
9969
|
const ONLY_AJAX_REQUESTS_ALLOWED = 1018;
|
9963
|
9970
|
const PAGINATION_FORBIDDEN = 1019;
|
9964
|
9971
|
const USER_ALREADY_EXIST = 1020;
|
|
9972
|
+ const PASSWORD_TOO_SHORT = 1021;
|
9965
|
9973
|
|
9966
|
9974
|
private $values = [
|
9967
|
9975
|
9999 => ["%s", ResponseFactory::INTERNAL_SERVER_ERROR],
|
|
@@ -9986,6 +9994,7 @@ namespace Tqdev\PhpCrudApi\Record {
|
9986
|
9994
|
1018 => ["Only AJAX requests allowed for '%s'", ResponseFactory::FORBIDDEN],
|
9987
|
9995
|
1019 => ["Pagination forbidden", ResponseFactory::FORBIDDEN],
|
9988
|
9996
|
1020 => ["User '%s' already exists", ResponseFactory::CONFLICT],
|
|
9997
|
+ 1021 => ["Password too short (<%d characters)", ResponseFactory::UNPROCESSABLE_ENTITY],
|
9989
|
9998
|
];
|
9990
|
9999
|
|
9991
|
10000
|
public function __construct(int $code)
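Review bot: The new `passwordLength` setting in the first hunk is read as a string (`'12'` by default) and is never validated before it is compared with `strlen()` in the register and password-change hunks. With a non-numeric or empty configured value the result depends on PHP's loose int/string comparison, so the minimum-length policy could end up silently disabled or could reject every password. I would cast and bound it at the point of reading, e.g. `$passwordLength = max(1, (int) $this->getProperty('passwordLength', '12'));`, which also gives the `%d` in the 1021 message a real integer. Note that `strlen()` counts bytes while the message says "characters", so a password made of multi-byte characters passes with fewer characters than configured. Either count with `mb_strlen($password, 'UTF-8')` where mbstring is available, or word the message in bytes. The enclosing method starts and ends outside the visible hunks, so I am assuming `$passwordLength` is still in scope at the password-change check.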
|