| author | Brynn Crowley <littlehill723@gmail.com> | 2025-03-06 08:24:19 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-06 08:24:19 +0000 |
| commit | f4abcb34b757e40467344ffdd7cec9f77f46a227 (patch) | |
| tree | f3cc73da2ebaa978186f6f470d5bd27b279f6a96 /internal/handlers/util.go | |
| parent | 5b52a9d4b18b5a07b1edb7403b6dc90b8d5c628d (diff) | |
feat(web): change password (#7676)
Add the ability for users to change their password from their user settings, without requiring them to use the reset password workflow. Users are required to create an elevated session in order to change their password. Users may not change their password to their current password. The user's current password is required for the password change. Users must follow any established password policies. Administrators are able to turn this feature off.
Closes #3548
Diffstat (limited to 'internal/handlers/util.go')
| -rw-r--r-- | internal/handlers/util.go | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/internal/handlers/util.go b/internal/handlers/util.go
index 9a137f6a1..92c7e2d28 100644
--- a/internal/handlers/util.go
+++ b/internal/handlers/util.go
@@ -2,6 +2,7 @@ package handlers
 import (
 "fmt"
+ "strings"
 "github.com/authelia/authelia/v4/internal/authentication"
 "github.com/authelia/authelia/v4/internal/middlewares"
@@ -21,9 +22,10 @@ const (
 eventEmailAction2FAAddedSuffix = "was added to your account."
 eventEmailAction2FARemovedSuffix = "was removed from your account."
- eventEmailActionPasswordResetPrefix = "your"
- eventEmailActionPasswordReset = "Password Reset"
- eventEmailActionPasswordResetSuffix = "was successful."
+ eventEmailActionPasswordModifyPrefix = "your"
+ eventEmailActionPasswordReset = "Password Reset"
+ eventEmailActionPasswordChange = "Password Change"
+ eventEmailActionPasswordModifySuffix = "was successful."
 eventLogCategoryOneTimePassword = "One-Time Password"
 eventLogCategoryWebAuthnCredential = "WebAuthn Credential" //nolint:gosec
@@ -75,3 +77,23 @@ func ctxLogEvent(ctx *middlewares.AutheliaCtx, username, description string, bod
 return
 }
 }
+
+func redactEmail(email string) string {
+ parts := strings.Split(email, "@")
+ if len(parts) != 2 {
+ return ""
+ }
+
+ localPart := parts[0]
+ domain := parts[1]
+
+ if len(localPart) <= 2 {
+ return strings.Repeat("*", len(localPart)) + "@" + domain
+ }
+
+ first := string(localPart[0])
+ last := string(localPart[len(localPart)-1])
+ middle := strings.Repeat("*", len(localPart)-2)
+
+ return first + middle + last + "@" + domain
+}
|
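Review bot: `redactEmail` measures and indexes `localPart` in bytes, so a local part containing multi-byte UTF-8 characters would produce `first`/`last` fragments that are not valid UTF-8 and a mask longer than the number of visible characters. The `len(localPart) <= 2` cutoff also means a three-character local part is returned with two of its three characters in clear, and the mask always discloses the exact length. Where the redacted value ends up (log line, e-mail, API response) is not visible in this file, so how much that matters depends on the callers. Converting to `[]rune` and fully masking local parts of three characters or fewer, as sketched below, covers both. A doc comment stating the output format, and that input without exactly one `@` yields an empty string, would help whoever consumes the result.

```go
func redactEmail(email string) string {
	// … unchanged: split on "@", return "" unless exactly two parts, assign localPart and domain …

	local := []rune(localPart)

	// Short local parts are masked entirely so that the redaction never
	// shows the majority of the characters.
	if len(local) <= 3 {
		return strings.Repeat("*", len(local)) + "@" + domain
	}

	middle := strings.Repeat("*", len(local)-2)

	return string(local[0]) + middle + string(local[len(local)-1]) + "@" + domain
}
```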
