VladPolskiy/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2025-07-23 00:30:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add password reset link expires in option

Browse Source
This commit is contained in:
Ilia Ross
2025-05-03 17:54:56 +03:00
parent b8820c6562
commit f63f3a6817
4 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
forgot.cgi
View File

@ -12,7 +12,7 @@ $trust_unknown_referers = 1;
&error_setup($text{'forgot_err'});
$gconfig{'forgot_pass'} || &error($text{'forgot_ecannot'});
&theme_forgot_handler($0) if (defined(&theme_forgot_handler));
my $forgot_timeout = 10;
$gconfig{'passreset_timeout'} ||= 15;
$remote_user && &error($text{'forgot_elogin'});
# Check that the random ID is valid
@ -20,8 +20,8 @@ $in{'id'} =~ /^[a-f0-9]+$/i || &error($text{'forgot_eid'});
my %link;
&read_file("$main::forgot_password_link_dir/$in{'id'}", \%link) ||
&error($text{'forgot_eid2'});
time() - $link{'time'} > 60*$forgot_timeout &&
&error(&text('forgot_etime', $forgot_timeout));
time() - $link{'time'} > 60*$gconfig{'passreset_timeout'} &&
&error(&text('forgot_etime', $gconfig{'passreset_timeout'}));
# Get the Webmin user
&foreign_require("acl");

5
webmin/change_session.cgi
View File

@ -175,6 +175,11 @@ else {
$gconfig{'passreset_time'} = $gconfig{'passreset_failures'} = undef;
}
# Password expiry
$in{'passreset_timeout'} =~ /^\d+$/ && $in{'passreset_timeout'} > 0 ||
&error($text{'session_epassreset_timeout'});
$gconfig{'passreset_timeout'} = $in{'passreset_timeout'};
&write_file("$config_directory/config", \%gconfig);
&unlock_file("$config_directory/config");

5
webmin/edit_session.cgi
View File

@ -164,6 +164,11 @@ print &ui_table_row($text{'session_passresetdesc'},
&ui_textbox("passreset_time", $gconfig{'passreset_time'}, 4)),
$gconfig{'passreset_failures'} ? 1 : 0));
# Password reset link expiry
$gconfig{'passreset_timeout'} ||= 15;
print &ui_table_row(&text('session_passtimeout',
&ui_textbox("passreset_timeout", $gconfig{'passreset_timeout'}, 4)));
print ui_table_end();
print ui_form_end([ [ "save", $text{'save'} ] ]);

2
webmin/lang/en
View File

@ -681,6 +681,8 @@ session_eforgot=Forgotten password recovery cannot be enabled unless the <b>Virt
session_passresetdesc=Password recovery throttling
session_passreset=Block clients with more than $1 requests for $2 minutes
session_epassreset_failures=Missing or invalid blocking requests
session_passtimeout=Password reset link expires in $1 minutes
session_epassreset_timeout=Missing or invalid password reset timeout
assignment_title=Reassign Modules
assignment_header=Module category assignments