Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
12/16/2021 06:16:38 PM (4 years ago)
Author:
imath
Message:

Introduce a new constant/filter to enforce strong password in BP areas

You can now use the BP_MEMBERS_REQUIRED_PASSWORD_STRENGTH constant or alternatively the 'bp_members_user_pass_required_strength' filter to force members to use password satisfying a strength score from 4 (strong) to 1 (weak). For instance use define ( 'BP_MEMBERS_REQUIRED_PASSWORD_STRENGTH', 4 ); to enforce strong passwords.

This setting will only be applied to these 2 BuddyPress specific areas:

  • the registration form,
  • the General User's front-end profile settings tab.

PS: this commit also removes completely the password-verify script from the BP Nouveau Template Pack which was deprecated since BuddyPress 5.0.

Props niftythree, dcavins

Fixes #8589

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/bp-templates/bp-nouveau/buddypress-functions.php

    r13153 r13189  
    385385        }
    386386
    387         // Add The password verify if needed.
    388         if ( bp_is_active( 'settings' ) || bp_get_signup_allowed() ) {
    389             /**
    390              * BP Nouveau is now directly using the `wp-admin/js/user-profile.js` script.
    391              *
    392              * Setting the user password is now more consistent with how WordPress handles it.
    393              *
    394              * @deprecated 5.0.0
    395              */
    396             $scripts['bp-nouveau-password-verify'] = array(
    397                 'file'         => 'js/password-verify%s.js',
    398                 'dependencies' => array( 'bp-nouveau', 'password-strength-meter' ),
    399                 'footer'       => true,
    400             );
    401         }
    402 
    403387        foreach ( $scripts as $handle => $script ) {
    404388            if ( ! isset( $script['file'] ) ) {
     
    531515        if ( is_customize_preview() ) {
    532516            $params['customizer_settings'] = bp_nouveau_get_temporary_setting( 'any' );
     517        }
     518
     519        $required_password_strength = bp_members_user_pass_required_strength();
     520        if ( $required_password_strength ) {
     521            $params['bpPasswordVerify'] = array(
     522                'tooWeakPasswordWarning' => __( 'Your password is too weak, please use a stronger password.', 'buddypress' ),
     523                'requiredPassStrength'   => bp_members_user_pass_required_strength(),
     524            );
    533525        }
    534526
Note: See TracChangeset for help on using the changeset viewer.