diff --git a/application/loginwebpage.class.inc.php b/application/loginwebpage.class.inc.php
index 733372126..111a6bb73 100644
--- a/application/loginwebpage.class.inc.php
+++ b/application/loginwebpage.class.inc.php
@@ -1062,6 +1062,21 @@ class LoginWebPage extends NiceWebPage
exit;
}
}
+ else if ($operation == 'check_pwd_policy')
+ {
+ $aPwdMap = array();
+
+ foreach (array('new_pwd', 'retype_new_pwd') as $postedPwd)
+ {
+ $oUser = new UserLocal();
+ $oUser->ValidatePassword($_POST[$postedPwd]);
+
+ $aPwdMap[$postedPwd]['isValid'] = $oUser->IsPasswordValid();
+ $aPwdMap[$postedPwd]['message'] = $oUser->getPasswordValidityMessage();
+ }
+ echo json_encode($aPwdMap);
+ die();
+ }
if ($operation == 'do_change_pwd')
{
if (isset($_SESSION['auth_user']))
diff --git a/datamodels/2.x/authent-local/model.authent-local.php b/datamodels/2.x/authent-local/model.authent-local.php
index 69cc4b218..f9776a022 100755
--- a/datamodels/2.x/authent-local/model.authent-local.php
+++ b/datamodels/2.x/authent-local/model.authent-local.php
@@ -176,6 +176,21 @@ class UserLocal extends UserInternal
return (empty($this->m_oPasswordValidity)) || ($this->m_oPasswordValidity->isPasswordValid());
}
+ public function getPasswordValidityMessage()
+ {
+ if (ContextTag::Check('Setup'))
+ {
+ // during the setup, the admin account can have whatever password you want ...
+ return null;
+ }
+
+ if (empty($this->m_oPasswordValidity))
+ {
+ return null;
+ }
+
+ return $this->m_oPasswordValidity->getPasswordValidityMessage();
+ }
/**
diff --git a/templates/login/password/changepwdform.html.twig b/templates/login/password/changepwdform.html.twig
index 9676b1828..727bec34b 100644
--- a/templates/login/password/changepwdform.html.twig
+++ b/templates/login/password/changepwdform.html.twig
@@ -23,15 +23,19 @@
+
+
@@ -39,6 +43,36 @@
+
+
{% endblock %}
{% block script %}
diff --git a/templates/login/password/changepwdform.js.twig b/templates/login/password/changepwdform.js.twig
index 48ec1114d..be2a7dfbf 100644
--- a/templates/login/password/changepwdform.js.twig
+++ b/templates/login/password/changepwdform.js.twig
@@ -15,3 +15,89 @@ function DoCheckPwd()
}
return true;
}
+
+$(function() {
+ var iCheckPwdPolicyTimeout = null;
+ var jqXHRCheckPwdPolicy = null;
+ var aPwdFieldMap = ['new_pwd', 'retype_new_pwd'];
+ var sFieldsCssSelector = aPwdFieldMap.map(function(item) {return '#'+item}).join(',');
+
+ console.debug(aPwdFieldMap, sFieldsCssSelector);
+
+ $(sFieldsCssSelector).on('keyup', function() {
+ if (null != iCheckPwdPolicyTimeout)
+ {
+ clearTimeout(iCheckPwdPolicyTimeout);
+ }
+
+ var iCheckPwdPolicyTimeout = setTimeout(function () {
+ if (null != jqXHRCheckPwdPolicy)
+ {
+ jqXHRCheckPwdPolicy.abort();
+ }
+
+ var oData = {};
+ $.each(aPwdFieldMap, function(index, sPwdField) {
+ oData[sPwdField] = $('#'+sPwdField).val();
+ });
+
+ if (oData.new_pwd != oData.retype_new_pwd)
+ {
+ $('#login-submit .message')
+ .empty()
+ .append('{{ 'UI:Login:RetypePwdDoesNotMatch'|dict_s }}')
+ ;
+ $('#login-submit')
+ .addClass('invalid')
+ ;
+
+ $('#login-submit .login-submit-primary').prop('disabled', true);
+ }
+ else
+ {
+ $('#login-submit .message')
+ .empty()
+ ;
+ $('#login-submit')
+ .removeClass('invalid')
+ ;
+ $('#login-submit .login-submit-primary').prop('disabled', false);
+ }
+
+ jqXHRCheckPwdPolicy = $.ajax('?loginop=check_pwd_policy', {
+ cache: false,
+ dataType: 'json',
+ data: oData,
+ method:'POST'
+ });
+
+ jqXHRCheckPwdPolicy.done(function(oResponse) {
+ $.each(aPwdFieldMap, function(index, sPwdField) {
+ var oField = $('#'+sPwdField);
+ var oDiv = oField.parent();
+ var oMessage = oDiv.find('.message');
+
+ oMessage.empty();
+
+ if (oResponse[sPwdField].isValid || oField.val() == '')
+ {
+ oDiv.removeClass('invalid');
+ }
+ else
+ {
+ oDiv.addClass('invalid');
+ oMessage.append(oResponse[sPwdField].message);
+ }
+
+
+ });
+ });
+
+
+ jqXHRCheckPwdPolicy.fail(function(oResponse) {
+
+ });
+ }, 200); //setTimeout
+
+ }); //.on('keyup', function() {
+}); //$(function() {
\ No newline at end of file