From 8e26c33abd551b357daa39f96323777832262308 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= <felix@piedallu.me>
Date: Sun, 30 Jun 2024 16:00:21 +0200
Subject: [PATCH] Check for password policy at the beginning of the app install

---
 scripts/_common.sh | 22 ++++++++++++++++++++++
 scripts/install    |  2 ++
 2 files changed, 24 insertions(+)

diff --git a/scripts/_common.sh b/scripts/_common.sh
index dff43e5..2dc6fb7 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -25,6 +25,28 @@ fi
 # PERSONAL HELPERS
 #=================================================
 
+check_password_policy() {
+    password="$1"
+    # 12 caractères minimum, au moins une lettre majuscule, une lettre minuscule, un chiffre et un caractère spécial
+
+    msg=""
+    if (( ${#password} < 10 )); then
+        msg="is too short"
+    elif [[ $password != *[[:digit:]]* ]]; then
+        msg="does not contain any digit"
+    elif [[ $password != *[[:lower:]]* ]]; then
+        msg="does not contain any lower case letter"
+    elif [[ $password != *[[:upper:]]* ]]; then
+        msg="does not contain any upper case letter"
+    elif [[ "$password" =~ ^[0-9a-zA-Z]*$ ]]; then
+        msg="does not contain any special character"
+    fi
+
+    if [ -n "$msg" ]; then
+        ynh_die "Password should have min 12 chars, at least one lowercase, one uppercase, one digit and one special character, but it $msg."
+    fi
+}
+
 env_ruby() {
     ynh_exec_as "$app" "$ynh_ruby_load_path" "$@"
 }
diff --git a/scripts/install b/scripts/install
index fe3ffbd..a8e77ae 100755
--- a/scripts/install
+++ b/scripts/install
@@ -16,6 +16,8 @@ admin_mail=$(ynh_user_get_info --username="$admin" --key=mail)
 secret_key_base=$(ynh_string_random --length=30)
 ynh_app_setting_set --app="$app" --key="secret_key_base" --value="$secret_key_base"
 
+check_password_policy "$password"
+
 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================