6 files changed, 141 insertions, 14 deletions
diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm
index a1d301249..85b6204fc 100644
--- a/perllib/FixMyStreet/App/Controller/Admin.pm
+++ b/perllib/FixMyStreet/App/Controller/Admin.pm
@@ -1423,10 +1423,14 @@ sub user_edit : Path('user_edit') : Args(1) {
 
     if ( $c->get_param('submit') and $c->get_param('unban') ) {
         $c->forward('unban_user', [ $user ]);
+    } elsif ( $c->get_param('submit') and $c->get_param('logout_everywhere') ) {
+        $c->forward('user_logout_everywhere', [ $user ]);
     } elsif ( $c->get_param('submit') and $c->get_param('anon_everywhere') ) {
         $c->forward('user_anon_everywhere', [ $user ]);
     } elsif ( $c->get_param('submit') and $c->get_param('hide_everywhere') ) {
         $c->forward('user_hide_everywhere', [ $user ]);
+    } elsif ( $c->get_param('submit') and $c->get_param('remove_account') ) {
+        $c->forward('user_remove_account', [ $user ]);
     } elsif ( $c->get_param('submit') ) {
 
         my $edited = 0;
@@ -1756,6 +1760,15 @@ sub ban_user : Private {
     return 1;
 }
 
+sub user_logout_everywhere : Private {
+    my ( $self, $c, $user ) = @_;
+    my $sessions = $user->get_extra_metadata('sessions');
+    foreach (grep { $_ ne $c->sessionid } @$sessions) {
+        $c->delete_session_data("session:$_");
+    }
+    $c->stash->{status_message} = _('That user has been logged out.');
+}
+
 sub user_anon_everywhere : Private {
     my ( $self, $c, $user ) = @_;
     $user->problems->update({anonymous => 1});
@@ -1777,6 +1790,28 @@ sub user_hide_everywhere : Private {
     $c->stash->{status_message} = _('That user’s reports and updates have been hidden.');
 }
 
+# Anonymize and remove name from all problems/updates, disable all alerts.
+# Remove their account's email address, phone number, password, etc.
+sub user_remove_account : Private {
+    my ( $self, $c, $user ) = @_;
+    $c->forward('user_logout_everywhere', [ $user ]);
+    $user->problems->update({ anonymous => 1, name => '', send_questionnaire => 0 });
+    $user->comments->update({ anonymous => 1, name => '' });
+    $user->alerts->update({ whendisabled => \'current_timestamp' });
+    $user->password('', 1);
+    $user->update({
+        email => 'removed-' . $user->id . '@' . FixMyStreet->config('EMAIL_DOMAIN'),
+        email_verified => 0,
+        name => '',
+        phone => '',
+        phone_verified => 0,
+        title => undef,
+        twitter_id => undef,
+        facebook_id => undef,
+    });
+    $c->stash->{status_message} = _('That user’s personal details have been removed.');
+}
+
 sub unban_user : Private {
     my ( $self, $c, $user ) = @_;
 
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index b2d909f9c..533e6a9be 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -5,6 +5,7 @@ use namespace::autoclean;
 BEGIN { extends 'Catalyst::Controller'; }
 
 use Email::Valid;
+use Data::Password::Common 'found';
 use Digest::HMAC_SHA1 qw(hmac_sha1);
 use JSON::MaybeXS;
 use MIME::Base64;
@@ -84,6 +85,12 @@ sub sign_in : Private {
     my $parsed = FixMyStreet::SMS->parse_username($username);
 
     if ($parsed->{username} && $password && $c->forward('authenticate', [ $parsed->{type}, $parsed->{username}, $password ])) {
+        # Upgrade hash count if necessary
+        my $cost = sprintf("%02d", FixMyStreet::DB::Result::User->cost);
+        if ($c->user->password !~ /^\$2a\$$cost\$/) {
+            $c->user->update({ password => $password });
+        }
+
         # unless user asked to be remembered limit the session to browser
         $c->set_session_cookie_expire(0)
           unless $remember_me;
@@ -143,6 +150,11 @@ sub email_sign_in : Private {
         return;
     }
 
+    my $password = $c->get_param('password_register');
+    if ($password) {
+        return unless $c->forward('/auth/test_password', [ $password ]);
+    }
+
     # If user registration is disabled then bail out at this point
     # if there's not already a user with this email address.
     # NB this uses the same template as a successful sign in to stop
@@ -156,8 +168,7 @@ sub email_sign_in : Private {
     }
 
     my $user_params = {};
-    $user_params->{password} = $c->get_param('password_register')
-        if $c->get_param('password_register');
+    $user_params->{password} = $password if $password;
     my $user = $c->model('DB::User')->new( $user_params );
 
     my $token_data = {
@@ -356,6 +367,55 @@ sub no_csrf_token : Private {
     $c->detach('/page_error_400_bad_request', []);
 }
 
+=item common_password
+
+Returns 1/0 depending on if password is common or not.
+
+=cut
+
+sub common_password : Local : Args(0) {
+    my ($self, $c) = @_;
+
+    my $password = $c->get_param('password_register');
+
+    my $return = JSON->true;
+    if (!$c->cobrand->call_hook('bypass_password_checks') && found($password)) {
+        $return = _('Please choose a less commonly-used password');
+    }
+
+    my $body = JSON->new->utf8->allow_nonref->encode($return);
+    $c->res->content_type('application/json; charset=utf-8');
+    $c->res->body($body);
+}
+
+=item test_password
+
+Checks a password is not too weak; returns true if okay,
+false if weak (and sets stash error).
+
+=cut
+
+sub test_password : Private {
+    my ($self, $c, $password) = @_;
+
+    return 1 if $c->cobrand->call_hook('bypass_password_checks');
+
+    my @errors;
+
+    my $min_length = $c->cobrand->password_minimum_length;
+    push @errors, sprintf(_('Please make sure your password is at least %d characters long'), $min_length)
+        if length($password) < $min_length;
+
+    push @errors, _('Please choose a less commonly-used password')
+        if found($password);
+
+    if (@errors) {
+        $c->stash->{field_errors}->{password_register} = join('<br>', @errors);
+        return 0;
+    }
+    return 1;
+}
+
 =head2 sign_out
 
 Log the user out. Tell them we've done so.
diff --git a/perllib/FixMyStreet/App/Controller/Auth/Phone.pm b/perllib/FixMyStreet/App/Controller/Auth/Phone.pm
index 8387b9d64..8e3150df9 100644
--- a/perllib/FixMyStreet/App/Controller/Auth/Phone.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth/Phone.pm
@@ -59,6 +59,11 @@ sub sign_in : Private {
         return;
     }
 
+    my $password = $c->get_param('password_register');
+    if ($password) {
+        return unless $c->forward('/auth/test_password', [ $password ]);
+    }
+
     (my $number = $parsed->{phone}->format) =~ s/\s+//g;
 
     if ( FixMyStreet->config('SIGNUPS_DISABLED')
@@ -70,8 +75,7 @@ sub sign_in : Private {
     }
 
     my $user_params = {};
-    $user_params->{password} = $c->get_param('password_register')
-        if $c->get_param('password_register');
+    $user_params->{password} = $password if $password;
     my $user = $c->model('DB::User')->new( $user_params );
 
     my $token_data = {
diff --git a/perllib/FixMyStreet/App/Controller/Auth/Profile.pm b/perllib/FixMyStreet/App/Controller/Auth/Profile.pm
index a58d2ddf6..87aff2261 100644
--- a/perllib/FixMyStreet/App/Controller/Auth/Profile.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth/Profile.pm
@@ -19,7 +19,7 @@ verifying email, phone, password.
 
 =cut
 
-sub auto {
+sub auto : Private {
     my ( $self, $c ) = @_;
 
     $c->detach( '/auth/redirect' ) unless $c->user;
@@ -49,10 +49,20 @@ sub change_password : Path('/auth/change_password') {
     my $new = $c->get_param('new_password') // '';
     my $confirm = $c->get_param('confirm') // '';
 
+    my $password_error;
+
+    # Check existing password, if available
+    if ($c->user->password) {
+        my $current = $c->get_param('current_password') // '';
+        $c->stash->{current_password} = $current;
+        $password_error = 'incorrect' unless $c->user->check_password($current);
+    }
+
     # check for errors
-    my $password_error =
+    $password_error ||=
        !$new && !$confirm ? 'missing'
       : $new ne $confirm ? 'mismatch'
+      : !$c->forward('/auth/test_password', [ $new ]) ? 'failed'
       :                    '';
 
     if ($password_error) {
@@ -62,10 +72,17 @@ sub change_password : Path('/auth/change_password') {
         return;
     }
 
-    # we should have a usable password - save it to the user
-    $c->user->obj->update( { password => $new } );
-    $c->stash->{password_changed} = 1;
-
+    if ($c->user->password) {
+        # we should have a usable password - save it to the user
+        $c->user->obj->update( { password => $new } );
+        $c->stash->{password_changed} = 1;
+    } else {
+        # Set up arguments for code sign in
+        $c->set_param('username', $c->user->username);
+        $c->set_param('password_register', $new);
+        $c->set_param('r', 'auth/change_password/success');
+        $c->detach('/auth/code_sign_in');
+    }
 }
 
 =head2 change_email
@@ -148,6 +165,12 @@ sub change_phone_success : Path('/auth/change_phone/success') {
     $c->res->redirect('/my');
 }
 
+sub change_password_success : Path('/auth/change_password/success') {
+    my ( $self, $c ) = @_;
+    $c->flash->{flash_message} = _('Your password has been changed');
+    $c->res->redirect('/my');
+}
+
 sub generate_token : Path('/auth/generate_token') {
     my ($self, $c) = @_;
 
diff --git a/perllib/FixMyStreet/App/Controller/Report/New.pm b/perllib/FixMyStreet/App/Controller/Report/New.pm
index 1083f843b..85652450e 100644
--- a/perllib/FixMyStreet/App/Controller/Report/New.pm
+++ b/perllib/FixMyStreet/App/Controller/Report/New.pm
@@ -817,8 +817,10 @@ sub process_user : Private {
     }
 
     $c->forward('update_user', [ \%params ]);
-    $report->user->password( Utils::trim_text( $params{password_register} ) )
-        if $params{password_register};
+    if ($params{password_register}) {
+        $c->forward('/auth/test_password', [ $params{password_register} ]);
+        $report->user->password(Utils::trim_text($params{password_register}));
+    }
 
     return 1;
 }
diff --git a/perllib/FixMyStreet/App/Controller/Report/Update.pm b/perllib/FixMyStreet/App/Controller/Report/Update.pm
index 8b96b02d1..24b54d7b5 100644
--- a/perllib/FixMyStreet/App/Controller/Report/Update.pm
+++ b/perllib/FixMyStreet/App/Controller/Report/Update.pm
@@ -149,11 +149,14 @@ sub process_user : Private {
 
     $update->user->name( Utils::trim_text( $params{name} ) )
         if $params{name};
-    $update->user->password( Utils::trim_text( $params{password_register} ) )
-        if $params{password_register};
     $update->user->title( Utils::trim_text( $params{fms_extra_title} ) )
         if $params{fms_extra_title};
 
+    if ($params{password_register}) {
+        $c->forward('/auth/test_password', [ $params{password_register} ]);
+        $update->user->password(Utils::trim_text($params{password_register}));
+    }
+
     return 1;
 }