Details
-
Type:
Improvement
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 5.11.0
-
Fix Version/s: 5.13.0-b1
-
Component/s: Staff Interface
-
Labels:None
Description
By default the only requirement for client passwords is that they be at least 6 characters in length. If I understand, this is defined in /app/models/users.php in getRules, like so:
'new_password' => [
'format' => [
'rule' => 'isPassword',
'message' => $this->_('Users.!error.new_password.format'),
],
isPassword is defined in the Input model /vendors/minphp/input/src/Input.php and it allows a minimum length to be set, as well as some pre-defined regex's including: any, any_no_space, alpha_num, alpha, num, custom. If custom is selected then a custom regex can be supplied.
Add a new option under Settings > Client Options: General Client Settings below the last field "Client ID Increment Value". It will consist of 3 new fields.
- Dropdown field called Rule that contains all the rules supported by the isPassword method, but label them like so: Any Characters (any), No Spaces (any_no_space), Alphanumeric Only (alpha_num), Alpha Only (alpha), Numbers Only (num), and Custom.
- If "Custom" is selected, show an Input field where a custom regex may be entered.
- If Custom is not selected, include an input field called "Length". Default to 6.
The reason the length field is not shown for a custom regex is because the length will be defined in the custom regex.
The fields should default to: Any Characters, Any, and 6 for password length. This makes it work the same as it does now.