}
}
elsif ($fail_code == AUTH_ERROR) {
- ThrowCodeError($result->{error}, $result->{details});
+ if ($result->{user_error}) {
+ ThrowUserError($result->{error}, $result->{details});
+ }
+ else {
+ ThrowCodeError($result->{error}, $result->{details});
+ }
}
elsif ($fail_code == AUTH_NODATA) {
$self->{_info_getter}->fail_nodata($self)
};
}
+ # Force the user to type a longer password if it's too short.
+ if (length($password) < USER_PASSWORD_MIN_LENGTH) {
+ return { failure => AUTH_ERROR, error => 'password_current_too_short',
+ user_error => 1, details => { locked_user => $user } };
+ }
+
# The user's credentials are okay, so delete any outstanding
# password tokens or login failures they may have generated.
Bugzilla::Token::DeletePasswordTokens($user->id, "user_logged_in");
auth_invalid_email => 302,
extern_id_conflict => -303,
auth_failure => 304,
+ password_current_too_short => 305,
# Except, historically, AUTH_NODATA, which is 410.
login_required => 410,
The account has been disabled. A reason may be specified with the
error.
+=item 305 (New Password Required)
+
+The current password is correct, but the user is asked to change
+his password.
+
=item 50 (Param Required)
A login or password parameter was not provided.
title = title
onload = "document.forms['confirm_account_form'].realname.focus();" %]
-<div>
+<p>
To create your account, you must enter a password in the form below.
Your email address and Real Name (if provided) will be shown with
changes you make.
-</div>
+</p>
<form id="confirm_account_form" method="post" action="token.cgi">
<input type="hidden" name="t" value="[% token FILTER html %]">
</tr>
<tr>
<th align="right"><label for="passwd1">Type your password</label>:</th>
- <td><input type="password" id="passwd1" name="passwd1" value=""></td>
+ <td>
+ <input type="password" id="passwd1" name="passwd1" value="">
+ (minimum [% constants.USER_PASSWORD_MIN_LENGTH FILTER none %] characters)
+ </td>
</tr>
<tr>
<th align="right"><label for="passwd2">Confirm your password</label>:</th>
<th align="right">New Password:</th>
<td>
<input type="password" name="password">
+ (minimum [% constants.USER_PASSWORD_MIN_LENGTH FILTER none %] characters)
</td>
</tr>
[% title = "Passwords Don't Match" %]
The two passwords you entered did not match.
+ [% ELSIF error == "password_current_too_short" %]
+ [% title = "New Password Required" %]
+ Your password is currently less than
+ [%+ constants.USER_PASSWORD_MIN_LENGTH FILTER html %] characters long,
+ which is the new minimum length required for passwords.
+ You must <a href="token.cgi?a=reqpw&loginname=[% locked_user.email FILTER html %]">
+ request a new password</a> in order to log in again.
+
[% ELSIF error == "password_too_short" %]
[% title = "Password Too Short" %]
The password must be at least
projects / thirdparty / bugzilla.git / commitdiff
