feat: require current password when changing password, add zxcvbn strength check
Use PasswordChange model (requires current password) for users with existing passwords and PasswordSet for first-time setup. Add zxcvbn strength validation and current password field to credentials template. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
parent
72a93984f2
commit
a65af90320
3 changed files with 137 additions and 6 deletions
|
|
@ -40,13 +40,19 @@
|
|||
{% endif %}
|
||||
<form hx-post="/manage/credentials/password" hx-target="#password-section" hx-swap="innerHTML">
|
||||
<input type="hidden" name="csrf_token" value="{{ csrf_token_processor(request) }}">
|
||||
{% if has_password %}
|
||||
<div>
|
||||
<label for="current_password">Current password</label>
|
||||
<input type="password" id="current_password" name="current_password" required autocomplete="current-password">
|
||||
</div>
|
||||
{% endif %}
|
||||
<div>
|
||||
<label for="password">{{ "New password" if has_password else "Set password" }}</label>
|
||||
<input type="password" id="password" name="password" required minlength="8" autocomplete="new-password">
|
||||
<input type="password" id="password" name="password" required minlength="8" maxlength="256" autocomplete="new-password">
|
||||
</div>
|
||||
<div>
|
||||
<label for="confirm">Confirm password</label>
|
||||
<input type="password" id="confirm" name="confirm" required minlength="8" autocomplete="new-password">
|
||||
<input type="password" id="confirm" name="confirm" required minlength="8" maxlength="256" autocomplete="new-password">
|
||||
</div>
|
||||
<button type="submit">{{ "Change password" if has_password else "Set password" }}</button>
|
||||
</form>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue