topaLE
/
uptime-kuma
1
0
Fork 0
Code Issues 185 Pull Requests 26 Projects Releases 28 Wiki Activity
Browse Source

add passwordStrength

pull/766/head
Louis Lam 3 years ago
parent
cd04ac4557
commit
56094a43d7
3 changed files with 25 additions and 4 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      package-lock.json
  2. 3
      package.json
  3. 11
      server/server.js

15
package-lock.json
View File

@ -1,12 +1,12 @@
{ {
"name": "uptime-kuma", "name": "uptime-kuma",
"version": "1.8.0", "version": "1.9.1",
"lockfileVersion": 2, "lockfileVersion": 2,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "uptime-kuma", "name": "uptime-kuma",
"version": "1.8.0", "version": "1.9.1",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@fortawesome/fontawesome-svg-core": "~1.2.36", "@fortawesome/fontawesome-svg-core": "~1.2.36",
@ -23,6 +23,7 @@
"chardet": "^1.3.0", "chardet": "^1.3.0",
"chart.js": "~3.5.1", "chart.js": "~3.5.1",
"chartjs-adapter-dayjs": "~1.0.0", "chartjs-adapter-dayjs": "~1.0.0",
"check-password-strength": "^2.0.3",
"command-exists": "~1.2.9", "command-exists": "~1.2.9",
"compare-versions": "~3.6.0", "compare-versions": "~3.6.0",
"dayjs": "~1.10.7", "dayjs": "~1.10.7",
@ -3905,6 +3906,11 @@
"dayjs": "^1.8.15" "dayjs": "^1.8.15"
} }
}, },
"node_modules/check-password-strength": {
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/check-password-strength/-/check-password-strength-2.0.3.tgz",
"integrity": "sha512-UW3YgMUne9QuejgnNWjWwYi4QhWArVj+1OXqDR1NkEQcmMKKO74O3P5ZvXr9JZNbTBfcwlK3yurYCMuJsck83A=="
},
"node_modules/chokidar": { "node_modules/chokidar": {
"version": "3.5.2", "version": "3.5.2",
"resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.2.tgz", "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.2.tgz",
@ -15474,6 +15480,11 @@
"integrity": "sha512-EnbVqTJGFKLpg1TROLdCEufrzbmIa2oeLGx8O2Wdjw2EoMudoOo9+YFu+6CM0Z0hQ/v3yq/e/Y6efQMu22n8Jg==", "integrity": "sha512-EnbVqTJGFKLpg1TROLdCEufrzbmIa2oeLGx8O2Wdjw2EoMudoOo9+YFu+6CM0Z0hQ/v3yq/e/Y6efQMu22n8Jg==",
"requires": {} "requires": {}
}, },
"check-password-strength": {
"version": "2.0.3",
"resolved": "https://registry.npmjs.org/check-password-strength/-/check-password-strength-2.0.3.tgz",
"integrity": "sha512-UW3YgMUne9QuejgnNWjWwYi4QhWArVj+1OXqDR1NkEQcmMKKO74O3P5ZvXr9JZNbTBfcwlK3yurYCMuJsck83A=="
},
"chokidar": { "chokidar": {
"version": "3.5.2", "version": "3.5.2",
"resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.2.tgz", "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.5.2.tgz",

3
package.json
View File

@ -62,10 +62,11 @@
"axios": "~0.21.4", "axios": "~0.21.4",
"bcryptjs": "~2.4.3", "bcryptjs": "~2.4.3",
"bootstrap": "~5.1.1", "bootstrap": "~5.1.1",
"chardet": "^1.3.0",
"bree": "~6.3.1", "bree": "~6.3.1",
"chardet": "^1.3.0",
"chart.js": "~3.5.1", "chart.js": "~3.5.1",
"chartjs-adapter-dayjs": "~1.0.0", "chartjs-adapter-dayjs": "~1.0.0",
"check-password-strength": "^2.0.3",
"command-exists": "~1.2.9", "command-exists": "~1.2.9",
"compare-versions": "~3.6.0", "compare-versions": "~3.6.0",
"dayjs": "~1.10.7", "dayjs": "~1.10.7",

11
server/server.js
View File

@ -31,6 +31,7 @@ debug("Importing prometheus-api-metrics");
const prometheusAPIMetrics = require("prometheus-api-metrics"); const prometheusAPIMetrics = require("prometheus-api-metrics");
debug("Importing compare-versions"); debug("Importing compare-versions");
const compareVersions = require("compare-versions"); const compareVersions = require("compare-versions");
const { passwordStrength } = require("check-password-strength");
debug("Importing 2FA Modules"); debug("Importing 2FA Modules");
const notp = require("notp"); const notp = require("notp");
@ -468,6 +469,10 @@ exports.entryPage = "dashboard";
socket.on("setup", async (username, password, callback) => { socket.on("setup", async (username, password, callback) => {
try { try {
if (passwordStrength(password).value === "Too weak") {
throw new Error("Password is too weak. It should contain alphabetic and numeric characters. It must be at least 6 characters in length.");
}
if ((await R.count("user")) !== 0) { if ((await R.count("user")) !== 0) {
throw new Error("Uptime Kuma has been initialized. If you want to run setup again, please delete the database."); throw new Error("Uptime Kuma has been initialized. If you want to run setup again, please delete the database.");
} }
@ -857,10 +862,14 @@ exports.entryPage = "dashboard";
try { try {
checkLogin(socket); checkLogin(socket);
if (! password.currentPassword) { if (! password.newPassword) {
throw new Error("Invalid new password"); throw new Error("Invalid new password");
} }
if (passwordStrength(password.newPassword).value === "Too weak") {
throw new Error("Password is too weak. It should contain alphabetic and numeric characters. It must be at least 6 characters in length.");
}
let user = await R.findOne("user", " id = ? AND active = 1 ", [ let user = await R.findOne("user", " id = ? AND active = 1 ", [
socket.userID, socket.userID,
]); ]);

Write Preview
Loading…
Cancel
Save