From b65988fa5cd08142facb7709e524d417d2ff9a66 Mon Sep 17 00:00:00 2001 From: Gayathri Devi Kathiri Date: Tue, 8 Dec 2020 11:08:12 +0000 Subject: [PATCH] Modify Password validator related settings in Horizon Add "enable_pwd_validator" variable to apply password validator settings when enabled in horizon values. Modify "PASSWORD_VALIDATOR" so as to enforce password requirements i.e., password must be at least eight characters in length and must include characters from at least two of these groupings: alpha, numeric, and special characters when "enable_pwd_validator" is enabled. Change-Id: Ia866feb875490d0bb40e820c6c32ee2cb6aa4c29 --- horizon/Chart.yaml | 2 +- horizon/values.yaml | 14 ++++++++++---- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/horizon/Chart.yaml b/horizon/Chart.yaml index 8f8d4f9e9e..3b12318bab 100644 --- a/horizon/Chart.yaml +++ b/horizon/Chart.yaml @@ -14,7 +14,7 @@ apiVersion: v1 appVersion: v1.0.0 description: OpenStack-Helm Horizon name: horizon -version: 0.1.2 +version: 0.1.3 home: https://docs.openstack.org/horizon/latest/ icon: https://www.openstack.org/themes/openstack/images/project-mascots/Horizon/OpenStack_Project_Horizon_vertical.png sources: diff --git a/horizon/values.yaml b/horizon/values.yaml index b15aec5bde..0ccfcb6ab8 100644 --- a/horizon/values.yaml +++ b/horizon/values.yaml @@ -189,6 +189,10 @@ conf: disable_password_reveal: "True" csrf_cookie_secure: "False" enforce_password_check: "True" + # Set enable_pwd_validator to true to enforce password validator settings. + enable_pwd_validator: false + pwd_validator_regex: '(?=.*[a-zA-Z])(?=.*\d).{8,}|(?=.*\d)(?=.*\W).{8,}|(?=.*\W)(?=.*[a-zA-Z]).{8,}' + pwd_validator_help_text: '_("Your password must be at least eight (8) characters in length and must include characters from at least two (2) of these groupings: alpha, numeric, and special characters.")' session_cookie_secure: "False" session_cookie_httponly: "False" secure_proxy_ssl_header: false @@ -323,11 +327,13 @@ conf: 'js_spec_files': [], } + {{- if .Values.conf.horizon.local_settings.config.enable_pwd_validator }} # Specify a regular expression to validate user passwords. - #HORIZON_CONFIG["password_validator"] = { - # "regex": '.*', - # "help_text": _("Your password does not meet the requirements."), - #} + HORIZON_CONFIG["password_validator"] = { + "regex": '{{ .Values.conf.horizon.local_settings.config.pwd_validator_regex }}', + "help_text": {{ .Values.conf.horizon.local_settings.config.pwd_validator_help_text }}, + } + {{- end }} # Disable simplified floating IP address management for deployments with # multiple floating IP pools or complex network requirements.