1
0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2024-12-22 07:17:05 +00:00

Change read_password() logic to better catch improper passwords

Currently read_password does not verify password length. But further down the chain, passwords are checked to make sure they are longer than four characters.

If during initial setup, the user enters a password that is shorter than four characters, this will not be caught here, but when the script actually calls management/mailconfig.py to add the user, it will fail without a chance to correct the short password.

The setup script will then continue without an inital user being created and this will confuse users.
This commit is contained in:
Hnk Reno 2015-03-29 18:54:37 +02:00
parent 3d21f2223e
commit 6c64723d7c

View File

@ -28,13 +28,17 @@ def mgmt(cmd, data=None, is_json=False):
return resp
def read_password():
first = getpass.getpass('password: ')
second = getpass.getpass(' (again): ')
while first != second:
print('Passwords not the same. Try again.')
first = getpass.getpass('password: ')
second = getpass.getpass(' (again): ')
return first
while True:
first = getpass.getpass('password: ')
if len(first) < 4:
print('Passwords must be at least four characters.')
continue
second = getpass.getpass(' (again): ')
if first != second:
print('Passwords not the same. Try again.')
continue
break
return first
def setup_key_auth(mgmt_uri):
key = open('/var/lib/mailinabox/api.key').read().strip()