2 files changed, 45 insertions, 7 deletions

diff --git a/www/js/config.js-example b/www/js/config.js-example
index 66e0ed8..1f1eef1 100644
--- a/www/js/config.js-example
+++ b/www/js/config.js-example
@@ -77,7 +77,16 @@ var CONFIG = {
     // Set this to 0 if you wish to disable this check. NB: If the check is
     // active on the server the user's password may still be rejected if it's
     // too short.
-    PASSWORD_MIN_LENGTH: 6
+    PASSWORD_MIN_LENGTH: 6,
+
+    // FMS provides a mechanism for rejecting passwords that are too common.
+    // Set this flag to true if the password should be checked against the
+    // server when a user registers an account via the app.
+    // NB: If this flag is false here but the check is active on the FMS server,
+    // common passwords will still be rejected at the point the report is sent
+    // from the app to the server - which may be a large POST if the report has
+    // photos attached.
+    PASSWORD_CHECK_COMMON: true
 };
 
 
diff --git a/www/js/views/submit.js b/www/js/views/submit.js
index 99f2d9b..4a92fe3 100644
--- a/www/js/views/submit.js
+++ b/www/js/views/submit.js
@@ -418,14 +418,43 @@
 
             onClickContinue: function(e) {
                 e.preventDefault();
-                if ( this.validate() ) {
-                    $('#continue').focus();
-                    if ( ! this.model.get('submit_clicked') ) {
-                        this.model.set('submit_clicked', 'submit_sign_in');
+                if (this.validate()) {
+                    // The password may be long enough, but is it going to be
+                    // accepted by the server? Check before proceeding.
+                    if (CONFIG.PASSWORD_CHECK_COMMON) {
+                        var that = this;
+                        $.post(
+                            CONFIG.FMS_URL + "/auth/common_password",
+                            { password_register: $('#form_password').val() },
+                            null,
+                            'json'
+                        )
+                        .done(function(result) {
+                            if (result === true) {
+                                that.savePasswordAndContinue();
+                            } else {
+                                that.validationError('form_password', result);
+                            }
+                        })
+                        .fail(function() {
+                            // If this failed for whatever reason (e.g. network
+                            // error etc), don't worry about it as it'll be
+                            // resubmitted with the report.
+                            that.savePasswordAndContinue();
+                        });
+                    } else {
+                        this.savePasswordAndContinue();
                     }
-                    FMS.currentUser.set('password', $('#form_password').val());
-                    this.navigate( this.next );
                 }
+            },
+
+            savePasswordAndContinue: function() {
+                $('#continue').focus();
+                if ( ! this.model.get('submit_clicked') ) {
+                    this.model.set('submit_clicked', 'submit_sign_in');
+                }
+                FMS.currentUser.set('password', $('#form_password').val());
+                this.navigate( this.next );
             }
         })
     });