PLT-1465 Added password requirements (#3489)

* Added password requirements

* added tweaks

* fixed error code

* removed http.StatusNotAcceptable

4 files changed, 63 insertions, 14 deletions

diff --git a/model/config.go b/model/config.go
index d86ff75b4..3a0d7f976 100644
--- a/model/config.go
+++ b/model/config.go
@@ -19,6 +19,9 @@ const (
 	DATABASE_DRIVER_MYSQL    = "mysql"
 	DATABASE_DRIVER_POSTGRES = "postgres"
 
+	PASSWORD_MAXIMUM_LENGTH = 64
+	PASSWORD_MINIMUM_LENGTH = 5
+
 	SERVICE_GITLAB = "gitlab"
 	SERVICE_GOOGLE = "google"
 
@@ -102,6 +105,14 @@ type LogSettings struct {
 	EnableWebhookDebugging bool
 }
 
+type PasswordSettings struct {
+	MinimumLength *int
+	Lowercase     *bool
+	Number        *bool
+	Uppercase     *bool
+	Symbol        *bool
+}
+
 type FileSettings struct {
 	MaxFileSize                *int64
 	DriverName                 string
@@ -259,6 +270,7 @@ type Config struct {
 	TeamSettings         TeamSettings
 	SqlSettings          SqlSettings
 	LogSettings          LogSettings
+	PasswordSettings     PasswordSettings
 	FileSettings         FileSettings
 	EmailSettings        EmailSettings
 	RateLimitSettings    RateLimitSettings
@@ -356,6 +368,31 @@ func (o *Config) SetDefaults() {
 		*o.ServiceSettings.EnableMultifactorAuthentication = false
 	}
 
+	if o.PasswordSettings.MinimumLength == nil {
+		o.PasswordSettings.MinimumLength = new(int)
+		*o.PasswordSettings.MinimumLength = PASSWORD_MINIMUM_LENGTH
+	}
+
+	if o.PasswordSettings.Lowercase == nil {
+		o.PasswordSettings.Lowercase = new(bool)
+		*o.PasswordSettings.Lowercase = false
+	}
+
+	if o.PasswordSettings.Number == nil {
+		o.PasswordSettings.Number = new(bool)
+		*o.PasswordSettings.Number = false
+	}
+
+	if o.PasswordSettings.Uppercase == nil {
+		o.PasswordSettings.Uppercase = new(bool)
+		*o.PasswordSettings.Uppercase = false
+	}
+
+	if o.PasswordSettings.Symbol == nil {
+		o.PasswordSettings.Symbol = new(bool)
+		*o.PasswordSettings.Symbol = false
+	}
+
 	if o.TeamSettings.RestrictTeamNames == nil {
 		o.TeamSettings.RestrictTeamNames = new(bool)
 		*o.TeamSettings.RestrictTeamNames = true
@@ -919,6 +956,10 @@ func (o *Config) IsValid() *AppError {
 		}
 	}
 
+	if *o.PasswordSettings.MinimumLength < PASSWORD_MINIMUM_LENGTH || *o.PasswordSettings.MinimumLength > PASSWORD_MAXIMUM_LENGTH {
+		return NewLocAppError("Config.IsValid", "model.config.is_valid.password_length.app_error", map[string]interface{}{"MinLength": PASSWORD_MINIMUM_LENGTH, "MaxLength": PASSWORD_MAXIMUM_LENGTH}, "")
+	}
+
 	return nil
 }
 
diff --git a/model/license.go b/model/license.go
index 9781e3bf0..a77a7349a 100644
--- a/model/license.go
+++ b/model/license.go
@@ -32,15 +32,16 @@ type Customer struct {
 }
 
 type Features struct {
-	Users          *int  `json:"users"`
-	LDAP           *bool `json:"ldap"`
-	MFA            *bool `json:"mfa"`
-	GoogleSSO      *bool `json:"google_sso"`
-	Compliance     *bool `json:"compliance"`
-	CustomBrand    *bool `json:"custom_brand"`
-	MHPNS          *bool `json:"mhpns"`
-	SAML           *bool `json:"saml"`
-	FutureFeatures *bool `json:"future_features"`
+	Users                *int  `json:"users"`
+	LDAP                 *bool `json:"ldap"`
+	MFA                  *bool `json:"mfa"`
+	GoogleSSO            *bool `json:"google_sso"`
+	Compliance           *bool `json:"compliance"`
+	CustomBrand          *bool `json:"custom_brand"`
+	MHPNS                *bool `json:"mhpns"`
+	SAML                 *bool `json:"saml"`
+	PasswordRequirements *bool `json:"password_requirements"`
+	FutureFeatures       *bool `json:"future_features"`
 }
 
 func (f *Features) SetDefaults() {
@@ -88,6 +89,11 @@ func (f *Features) SetDefaults() {
 		f.SAML = new(bool)
 		*f.SAML = *f.FutureFeatures
 	}
+
+	if f.PasswordRequirements == nil {
+		f.PasswordRequirements = new(bool)
+		*f.PasswordRequirements = *f.FutureFeatures
+	}
 }
 
 func (l *License) IsExpired() bool {
diff --git a/model/user.go b/model/user.go
index 1047cc429..c792f80d1 100644
--- a/model/user.go
+++ b/model/user.go
@@ -27,7 +27,6 @@ const (
 	DEFAULT_LOCALE             = "en"
 	USER_AUTH_SERVICE_EMAIL    = "email"
 	USER_AUTH_SERVICE_USERNAME = "username"
-	MIN_PASSWORD_LENGTH        = 5
 )
 
 type User struct {
@@ -95,10 +94,6 @@ func (u *User) IsValid() *AppError {
 		return NewLocAppError("User.IsValid", "model.user.is_valid.last_name.app_error", nil, "user_id="+u.Id)
 	}
 
-	if len(u.Password) > 128 {
-		return NewLocAppError("User.IsValid", "model.user.is_valid.pwd.app_error", nil, "user_id="+u.Id)
-	}
-
 	if u.AuthData != nil && len(*u.AuthData) > 128 {
 		return NewLocAppError("User.IsValid", "model.user.is_valid.auth_data.app_error", nil, "user_id="+u.Id)
 	}
diff --git a/model/utils.go b/model/utils.go
index 27093c096..27ab3e27e 100644
--- a/model/utils.go
+++ b/model/utils.go
@@ -20,6 +20,13 @@ import (
 	"github.com/pborman/uuid"
 )
 
+const (
+	LOWERCASE_LETTERS = "abcdefghijklmnopqrstuvwxyz"
+	UPPERCASE_LETTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	NUMBERS           = "0123456789"
+	SYMBOLS           = " !\"\\#$%&'()*+,-./:;<=>?@[]^_`|~"
+)
+
 type StringInterface map[string]interface{}
 type StringMap map[string]string
 type StringArray []string