-
Notifications
You must be signed in to change notification settings - Fork 48
/
Copy path018-set-default-password-policy.js
70 lines (62 loc) · 2.04 KB
/
018-set-default-password-policy.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
"use strict";
const config = require('../config.js'),
log = require('winston');
exports.id = 'set-default-password-policy';
const passwordPolicy = {
minCharsEnabled: false,
minChars: 0,
maxConCharsEnabled: false,
maxConChars: 0,
lowLettersEnabled: false,
lowLetters: 0,
highLettersEnabled: false,
highLetters: 0,
numbersEnabled: false,
numbers: 0,
specialCharsEnabled: false,
specialChars: 0,
restrictSpecialCharsEnabled: false,
restrictSpecialChars: "",
passwordMinLength: 14,
passwordMinLengthEnabled: true,
customizeHelpText: false,
helpText: 'Your password is invalid and must be at least 14 characters in length.',
helpTextTemplate: {
minChars: 'have at least # letters',
maxConChars: 'not contain more than # consecutive letters',
lowLetters: 'have a minimum of # lowercase letters',
highLetters: 'have a minimum of # uppercase letters',
numbers: 'have at least # numbers',
specialChars: 'have at least # special characters',
restrictSpecialChars: 'be restricted to these special characters: #',
passwordMinLength: 'be at least # characters in length',
passwordHistoryCount: 'not be any of the past # previous passwords'
},
passwordHistoryCount: 0,
passwordHistoryCountEnabled: false
};
exports.up = async function (done) {
log.info('Setting default password policy');
if (config.api.authenticationStrategies && config.api.authenticationStrategies['local']) {
const local = config.api.authenticationStrategies['local'];
if (local.passwordMinLength) {
passwordPolicy.passwordMinLength = local.passwordMinLength;
}
}
let update = {
$rename: {
'settings.accountLock': 'settings.local.accountLock'
}
}
await this.db.collection('settings').findOneAndUpdate({ type: 'security' }, update, { upsert: true });
update = {
$set: {
'settings.local.passwordPolicy': passwordPolicy,
}
}
await this.db.collection('settings').findOneAndUpdate({ type: 'security' }, update, { upsert: true });
done();
};
exports.down = function (done) {
done();
};