Add length/common password checking.

author: Matthew Somerville <matthew-github@dracos.co.uk> 2018-02-01 14:37:35 +0000
committer: Matthew Somerville <matthew-github@dracos.co.uk> 2018-02-06 16:53:25 +0000
commit: 3e201f8d48554ab8c4b8132eaa50b5fe7dd1d67e (patch)
tree: 7b943b171bfbcdd74444d5a938291c69218ea027 /perllib/FixMyStreet/App/Controller/Auth/Phone.pm
parent: 35445b8cc7ae02acdfbfc3e2e9da15b022736906 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Auth/Phone.pm b/perllib/FixMyStreet/App/Controller/Auth/Phone.pm
index 8387b9d64..8e3150df9 100644
--- a/perllib/FixMyStreet/App/Controller/Auth/Phone.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth/Phone.pm
@@ -59,6 +59,11 @@ sub sign_in : Private {
         return;
     }
 
+    my $password = $c->get_param('password_register');
+    if ($password) {
+        return unless $c->forward('/auth/test_password', [ $password ]);
+    }
+
     (my $number = $parsed->{phone}->format) =~ s/\s+//g;
 
     if ( FixMyStreet->config('SIGNUPS_DISABLED')
@@ -70,8 +75,7 @@ sub sign_in : Private {
     }
 
     my $user_params = {};
-    $user_params->{password} = $c->get_param('password_register')
-        if $c->get_param('password_register');
+    $user_params->{password} = $password if $password;
     my $user = $c->model('DB::User')->new( $user_params );
 
     my $token_data = {
author	Matthew Somerville <matthew-github@dracos.co.uk>	2018-02-01 14:37:35 +0000
committer	Matthew Somerville <matthew-github@dracos.co.uk>	2018-02-06 16:53:25 +0000
commit	3e201f8d48554ab8c4b8132eaa50b5fe7dd1d67e (patch)
tree	7b943b171bfbcdd74444d5a938291c69218ea027 /perllib/FixMyStreet/App/Controller/Auth/Phone.pm
parent	35445b8cc7ae02acdfbfc3e2e9da15b022736906 (diff)