* Check if the provided password matches the strictness as configured in * directus_settings.auth_password_policy
(passwords: string[])
| 88 | * directus_settings.auth_password_policy |
| 89 | */ |
| 90 | private async checkPasswordPolicy(passwords: string[]): Promise<void> { |
| 91 | const settingsService = new SettingsService({ |
| 92 | schema: this.schema, |
| 93 | knex: this.knex, |
| 94 | }); |
| 95 | |
| 96 | const { auth_password_policy: policyRegExString } = await settingsService.readSingleton({ |
| 97 | fields: ['auth_password_policy'], |
| 98 | }); |
| 99 | |
| 100 | if (!policyRegExString) { |
| 101 | return; |
| 102 | } |
| 103 | |
| 104 | const wrapped = policyRegExString.startsWith('/') && policyRegExString.endsWith('/'); |
| 105 | const regex = new RegExp(wrapped ? policyRegExString.slice(1, -1) : policyRegExString); |
| 106 | |
| 107 | for (const password of passwords) { |
| 108 | if (!regex.test(password)) { |
| 109 | throw new FailedValidationError( |
| 110 | joiValidationErrorItemToErrorExtensions({ |
| 111 | message: `Provided password doesn't match password policy`, |
| 112 | path: ['password'], |
| 113 | type: 'custom.pattern.base', |
| 114 | context: { |
| 115 | value: password, |
| 116 | }, |
| 117 | }), |
| 118 | ); |
| 119 | } |
| 120 | } |
| 121 | } |
| 122 | |
| 123 | /** |
| 124 | * Clear users' sessions to log them out |
no test coverage detected