Browse Source
Also limit the password length on reset
Signed-off-by: Joas Schilling <coding@schilljs.com>
pull/35965/head
Joas Schilling
4 years ago
No known key found for this signature in database
GPG Key ID: 74434EFE0D2E2205
2 changed files with
5 additions and
1 deletions
-
core/Controller/LoginController.php
-
core/Controller/LostController.php
|
|
|
@ -121,7 +121,7 @@ class LoginController extends Controller { |
|
|
|
|
|
|
|
$response = new RedirectResponse($this->urlGenerator->linkToRouteAbsolute( |
|
|
|
'core.login.showLoginForm', |
|
|
|
['clear' => true] // this param the the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
|
|
|
|
['clear' => true] // this param the code in login.js may be removed when the "Clear-Site-Data" is working in the browsers
|
|
|
|
)); |
|
|
|
|
|
|
|
$this->session->set('clearingExecutionContexts', '1'); |
|
|
|
|
|
|
|
@ -240,6 +240,10 @@ class LostController extends Controller { |
|
|
|
$this->eventDispatcher->dispatchTyped(new BeforePasswordResetEvent($user, $password)); |
|
|
|
\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]); |
|
|
|
|
|
|
|
if (strlen($password) > 469) { |
|
|
|
throw new HintException('Password too long', $this->l10n->t('Password is too long. Maximum allowed length is 469 characters.')); |
|
|
|
} |
|
|
|
|
|
|
|
if (!$user->setPassword($password)) { |
|
|
|
throw new Exception(); |
|
|
|
} |
|
|
|
|