Skip to content

Commit

Permalink
パスワードの複雑性の向上
Browse files Browse the repository at this point in the history
  • Loading branch information
@seto1
seto1 committed Mar 15, 2024
1 parent 5bf7870 commit 4fa68b4
Show file tree
Hide file tree
Showing 13 changed files with 171 additions and 53 deletions.
21 changes: 20 additions & 1 deletion plugins/baser-core/config/setting.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -506,7 +506,26 @@
]
]
]
]
],

/*
* パスワードの設定ルール
*/
'passwordRule' => [
// 最小文字数
'minLength' => 12,
// 入力必須な文字種
'requiredCharacterTypes' => [
// 数値
'numeric',
// 大文字英字
'uppercase',
// 小文字英字
'lowercase',
// 記号
// 'symbol',
],
],
],

/**
Expand Down
99 changes: 79 additions & 20 deletions plugins/baser-core/src/Model/Table/UsersTable.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,12 @@
use ArrayObject;
use Authentication\Authenticator\SessionAuthenticator;
use BaserCore\Utility\BcUtil;
use Cake\Core\Configure;
use Cake\ORM\Query;
use Cake\Event\Event;
use Cake\ORM\TableRegistry;
use Cake\Routing\Router;
use Cake\Utility\Hash;
use Cake\Validation\Validator;
use BaserCore\Model\Entity\User;
use BaserCore\View\BcAdminAppView;
Expand All @@ -27,6 +29,7 @@
use BaserCore\Annotation\NoTodo;
use BaserCore\Annotation\Checked;
use BaserCore\Annotation\UnitTest;
use BaserCore\Service\SiteConfigsService;

/**
* Class UsersTable
Expand Down Expand Up @@ -192,22 +195,8 @@ public function validationDefault(Validator $validator): Validator
'provider' => 'table',
'message' => __d('baser_core', '既に登録のあるEメールです。')
]]);
$validator
->scalar('password')
->minLength('password', 6, __d('baser_core', 'パスワードは6文字以上で入力してください。'))
->maxLength('password', 255, __d('baser_core', 'パスワードは255文字以内で入力してください。'))
->add('password', [
'passwordAlphaNumericPlus' => [
'rule' => ['alphaNumericPlus', ' \.:\/\(\)#,@\[\]\+=&;\{\}!\$\*'],
'provider' => 'bc',
'message' => __d('baser_core', 'パスワードは半角英数字(英字は大文字小文字を区別)とスペース、記号(._-:/()#,@[]+=&;{}!$*)のみで入力してください。')
]])
->add('password', [
'passwordConfirm' => [
'rule' => ['confirm', ['password_1', 'password_2']],
'provider' => 'bc',
'message' => __d('baser_core', 'パスワードが同じものではありません。')
]]);

$this->validationPassword($validator);

return $validator;
}
Expand All @@ -229,24 +218,27 @@ public function validationNew(Validator $validator): Validator
}

/**
* validationPasswordUpdate
* validationPassword
* @param Validator $validator
* @return Validator
* @checked
* @unitTest
* @noTodo
*/
public function validationPasswordUpdate(Validator $validator): Validator
public function validationPassword(Validator $validator): Validator
{
$symbol = ' ._-:/()#,@[]+=&;{}!$*';
$quotedSymbol = preg_quote($symbol, '/');

$validator
->scalar('password')
->minLength('password', 6, __d('baser_core', 'パスワードは6文字以上で入力してください。'))
->maxLength('password', 255, __d('baser_core', 'パスワードは255文字以内で入力してください。'))
->add('password', [
'passwordAlphaNumericPlus' => [
'rule' => ['alphaNumericPlus', ' \.:\/\(\)#,@\[\]\+=&;\{\}!\$\*'],
'rule' => ['alphaNumericPlus', $quotedSymbol],
'provider' => 'bc',
'message' => __d('baser_core', 'パスワードは半角英数字(英字は大文字小文字を区別)とスペース、記号(._-:/()#,@[]+=&;{}!$*)のみで入力してください。')
'message' => __d('baser_core', 'パスワードは半角英数字(英字は大文字小文字を区別)とスペース、記号(' . trim($symbol) . ')のみで入力してください。')
]])
->add('password', [
'passwordConfirm' => [
Expand All @@ -255,9 +247,76 @@ public function validationPasswordUpdate(Validator $validator): Validator
'message' => __d('baser_core', 'パスワードが同じものではありません。')
]]);

// 複雑性のチェック
$SiteConfigsService = new SiteConfigsService();
if (!$SiteConfigsService->getValue('allow_simple_password')) {
// 最小文字数
$minLength = Configure::read('BcApp.passwordRule.minLength');
if ($minLength && is_numeric($minLength)) {
$validator->minLength('password', $minLength,
__d('baser_core', 'パスワードは{0}文字以上で入力してください。', $minLength));
}

// 入力必須な文字種
$requiredCharacterTypePatterns = [
'numeric' => [
'name' => __d('baser_core', '数字'),
'pattern' => '\d',
],
'uppercase' => [
'name' => __d('baser_core', '大文字英字'),
'pattern' => '[A-Z]',
],
'lowercase' => [
'name' => __d('baser_core', '小文字英字'),
'pattern' => '[a-z]',
],
'symbol' => [
'name' => __d('baser_core', '大文字英字'),
'pattern' => '[' . $quotedSymbol . ']',
],
];

// 無効な文字種を削除
$requiredCharacterTypes = Configure::read('BcApp.passwordRule.requiredCharacterTypes');
foreach ($requiredCharacterTypePatterns as $key => $name) {
if (!in_array($key, $requiredCharacterTypes)) {
unset($requiredCharacterTypePatterns[$key]);
}
}

// AND条件の正規表現
$patterns = array_map(function($pattern) {
return '(?=.*' . $pattern . ')';
}, Hash::extract($requiredCharacterTypePatterns, '{s}.pattern'));
$pattern = '/^' . implode('', $patterns) . '.*$/';

$validator->add('password', [
'passwordRequiredCharacterType' => [
'rule' => ['custom', $pattern],
'message' => __d('baser_core', 'パスワードは{0}を含む必要があります。',
implode('', Hash::extract($requiredCharacterTypePatterns, '{s}.name'))),
]]);
}

return $validator;
}

/**
* validationPasswordUpdate
* @param Validator $validator
* @return Validator
* @checked
* @unitTest
* @noTodo
*/
public function validationPasswordUpdate(Validator $validator): Validator
{
return $this->validationPassword($validator)
->requirePresence('password', true, __d('baser_core', 'パスワードを入力してください。'))
->notEmptyString('password', __d('baser_core', 'パスワードを入力してください。'));
}

/**
* コントロールソースを取得する
*
Expand Down
24 changes: 19 additions & 5 deletions plugins/baser-core/tests/TestCase/Model/Table/UsersTableTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -141,15 +141,15 @@ public function testValidationDefault()
}

/**
* Test validationPasswordUpdate
* Test validationPassword
* @param $isValid 妥当でない場合、$validator->validateからエラーが返る
* @param $data パスワード文字列
* @return void
* @dataProvider validationPasswordUpdateDataProvider
* @dataProvider validationPasswordDataProvider
*/
public function testValidationPasswordUpdate($isValid, $data)
public function testValidationPassword($isValid, $data)
{
$validator = $this->Users->validationPasswordUpdate(new Validator());
$validator = $this->Users->validationPassword(new Validator());
$validator->setProvider('table', $this->Users);
if ($isValid) {
$this->assertEmpty($validator->validate($data));
Expand All @@ -158,7 +158,7 @@ public function testValidationPasswordUpdate($isValid, $data)
}
}

public static function validationPasswordUpdateDataProvider()
public static function validationPasswordDataProvider()
{
$exceedMax = "testtesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttesttest";
return [
Expand All @@ -175,6 +175,20 @@ public static function validationPasswordUpdateDataProvider()
];
}

/**
* Test validationPasswordUpdate
* @return void
*/
public function testValidationPasswordUpdate()
{
$validator = $this->Users->validationPasswordUpdate(new Validator());

$this->assertEmpty($validator->validate([
'password' => 'testtest', 'password_1' => 'testtest', 'password_2' => 'testtest',
]));

$this->assertNotEmpty($validator->validate([]));
}

/**
* Test validationNew
Expand Down
10 changes: 2 additions & 8 deletions plugins/bc-admin-third/src/bc_installer/js/admin/installations/step4.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,14 +23,8 @@ $(function () {
} else if ($("#admin-email").val() === "") {
alert(bcI18n.message1);
result = false;
} else if ($("#admin-password").val().length < 6) {
alert(bcI18n.message4);
result = false;
} else if ($("#admin-password").val() !== $("#admin-confirm-password").val()) {
alert(bcI18n.message5);
result = false;
} else if (!$("#admin-password").val().match(/^[a-zA-Z0-9\-_ \.:\/\(\)#,@\[\]\+=&;\{\}!\$\*]+$/)) {
alert(bcI18n.message6);
} else if ($("#admin-password").val() === "") {
alert(bcI18n.message2);
result = false;
}
} else if (this.id === 'BtnBack') {
Expand Down
7 changes: 6 additions & 1 deletion plugins/bc-admin-third/src/css/components/_install.scss
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,14 @@
}
}
}
.bca-checkbox__label {
margin-top: 10px;
font-weight: normal;
font-size: 80%;
}
}
.step-5 {
li {
margin:20px 0;
}
}
}
15 changes: 14 additions & 1 deletion plugins/bc-admin-third/templates/Admin/SiteConfigs/index.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -214,7 +214,6 @@
<?php echo $this->BcAdminForm->error('admin_side_banner') ?>
</td>
</tr>

<tr>
<th class="col-head bca-form-table__label">
<?php echo $this->BcAdminForm->label('use_update_notice', __d('baser_core', 'アップデート通知')) ?>
Expand All @@ -230,6 +229,20 @@
<?php echo $this->BcAdminForm->error('use_update_notice') ?>
</td>
</tr>
<tr>
<th class="col-head bca-form-table__label">
<?php echo $this->BcAdminForm->label('allow_simple_password', __d('baser_core', '簡易なログインパスワード')) ?>
</th>
<td class="col-input bca-form-table__input">
<?php echo $this->BcAdminForm->control('allow_simple_password', [
'type' => 'checkbox',
'label' => __d('baser_core', 'ログインパスワードの複雑性のチェックを行わない')
]) ?>
<i class="bca-icon--question-circle bca-help"></i>
<div class="bca-helptext"><?php echo __d('baser_core', 'チェックが入っている場合、ユーザーがパスワードを設定する際の文字数と文字種の制限が緩和されます。') ?></div>
<?php echo $this->BcAdminForm->error('allow_simple_password') ?>
</td>
</tr>

<?php echo $this->BcAdminForm->dispatchAfterForm('Admin') ?>

Expand Down
1 change: 0 additions & 1 deletion plugins/bc-admin-third/templates/Admin/element/Users/form.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -144,7 +144,6 @@ class="col-head bca-form-table__label"><?php echo $this->BcAdminForm->label('use
<?php endif; ?>
<?php echo __d('baser_core', '確認のため2回入力してください。') ?></li>
<li><?php echo __d('baser_core', '半角英数字(英字は大文字小文字を区別)とスペース、記号(._-:/()#,@[]+=&;{}!$*)のみで入力してください') ?></li>
<li><?php echo __d('baser_core', '最低6文字以上で入力してください') ?></li>
</ul>
</div>
<?php echo $this->BcAdminForm->error('password') ?>
Expand Down
24 changes: 14 additions & 10 deletions plugins/bc-admin-third/templates/plugin/BcInstaller/Admin/Installations/step4.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,7 @@
$this->BcBaser->i18nScript([
'message0' => __d('baser_core', 'サイト名を入力してください。'),
'message1' => __d('baser_core', '管理用メールアドレスを入力してください。'),
'message4' => __d('baser_core', 'あなたのパスワードを6文字以上で入力してください。'),
'message5' => __d('baser_core', 'パスワードが確認欄のパスワードと同じではありません。'),
'message6' => __d('baser_core', 'パスワードは半角英数字(英字は大文字小文字を区別)とスペース、記号(._-:/()#,@[]+=&;{}!$*)のみで入力してください。')
'message2' => __d('baser_core', 'パスワードを入力してください。'),
]);
$this->BcAdmin->setTitle(__d('baser_core', 'baserCMSのインストール|ステップ4'));
$this->BcBaser->js('BcInstaller.admin/installations/step4.bundle', false);
Expand Down Expand Up @@ -52,14 +50,20 @@
</li>
<li class="clearfix">
<label><?php echo __d('baser_core', 'パスワード') ?></label>&nbsp;<small><?php echo __d('baser_core', '半角英数字(英字は大文字小文字を区別)とスペース、記号(._-:/()#,@[]+=&amp;;{}!$*)') ?></small><br>
<div class="float-left">
<?php echo $this->BcAdminForm->control('admin_password', ['type' => 'password']); ?>
</div>
<div class="float-left">
<?php echo $this->BcAdminForm->control('admin_confirm_password', ['type' => 'password']); ?>
<br>
<small><?php echo __d('baser_core', '確認のためもう一度入力してください') ?></small>
<div class="bca-panel-box__inline-fields">
<div>
<?php echo $this->BcAdminForm->control('admin_password', ['type' => 'password']); ?>
</div>
<div>
<?php echo $this->BcAdminForm->control('admin_confirm_password', ['type' => 'password']); ?>
<br>
<small><?php echo __d('baser_core', '確認のためもう一度入力してください') ?></small>
</div>
</div>
<?php echo $this->BcAdminForm->control('allow_simple_password', [
'type' => 'checkbox',
'label' => __d('baser_core', 'ログインパスワードの複雑性のチェックを行わない')
]) ?>
</li>
</ul>
</div>
Expand Down
2 changes: 1 addition & 1 deletion plugins/bc-admin-third/webroot/bc_custom_content/js/admin/custom_tables/form.bundle.js.map
View file

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion plugins/bc-admin-third/webroot/bc_installer/js/admin/installations/step4.bundle.js
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 4fa68b4

Please sign in to comment.