save

alainabbas · tacxou · commit ea293c8afa46 · 2024-07-31T15:39:41.000+02:00
diff --git a/src/management/passwd/_schemas/PasswordPolicies.ts b/src/management/passwd/_schemas/PasswordPolicies.ts
@@ -0,0 +1,41 @@
+import { AbstractSchema } from '~/_common/abstracts/schemas/abstract.schema';
+import { Prop, Schema, SchemaFactory } from '@nestjs/mongoose';
+import {Identities} from "~/management/identities/_schemas/identities.schema";
+
+export type PasswordPoliciesDocument = Identities & Document;
+
+@Schema({ versionKey: false })
+export class PasswordPolicies extends AbstractSchema {
+  @Prop({ type: Number, default: 8 })
+  len: Number;
+
+  @Prop({ type: Number,default:1 })
+  hasUpperCase: Number;
+
+  @Prop({ type: Number,default:1 })
+  hasLowerCase: Number;
+
+  @Prop({ type: Number,default:1 })
+  hasNumbers: Number;
+
+  @Prop({ type: Number,default:1 })
+  hasSpecialChars: Number;
+
+  @Prop({ type: Number,default:20 })
+  minComplexity: Number;
+
+  @Prop({ type: Number,default:60 })
+  goodComplexity: Number;
+
+  @Prop({ type: Boolean,default:true })
+  checkPwned: Boolean;
+
+  @Prop({ type: Number,default:10 })
+  maxRetry: Number;
+
+  @Prop({ type: Number,default:3600 })
+  bannedTime: Number;
+
+}
+
+export const PasswordPoliciesSchema = SchemaFactory.createForClass(PasswordPolicies);
diff --git a/src/management/passwd/dto/password-policy.dto.ts b/src/management/passwd/dto/password-policy.dto.ts
@@ -0,0 +1,44 @@
+import { ApiProperty } from '@nestjs/swagger';
+import { IsNumber, IsBoolean } from 'class-validator';
+
+export class PasswordPoliciesDto {
+  @IsNumber()
+  @ApiProperty({ example: '8', description: 'Password minimal Length', type: Number })
+  public len: Number;
+
+  @IsNumber()
+  @ApiProperty({ example: '1', description: 'Minimal amount of letters in uppercase', type: Number })
+  public hasUpperCase: Number;
+
+  @IsNumber()
+  @ApiProperty({ example: '1', description: 'Minimal amount of letters in lowercase', type: Number })
+  public hasLowerCase: Number;
+
+  @IsNumber()
+  @ApiProperty({ example: '1', description: 'Minimal amount of numbers', type: Number })
+  public hasNumbers: Number;
+
+  @IsNumber()
+  @ApiProperty({ example: '1', description: 'Minimal amount of special characters', type: Number })
+  public hasSpecialChars: Number;
+
+  @IsNumber()
+  @ApiProperty({ example: '30', description: 'Minimal complexity (entropy), Below this number the password wont be accepted', type: Number })
+  public minComplexity: Number;
+
+  @IsNumber()
+  @ApiProperty({ example: '70', description: 'Good complexity (entropy), Upper this number the password is considered  good', type: Number })
+  public goodComplexity: Number;
+
+  @IsBoolean()
+  @ApiProperty({ example: true, description: 'Teh password will be checked on Pwned', type: Boolean })
+  public checkPwned: Boolean;
+
+  @IsNumber()
+  @ApiProperty({ example: '10', description: 'after X bad logins the user will be banned for  bannedTime', type: Number })
+  public maxRetry: Number;
+
+  @IsNumber()
+  @ApiProperty({ example: '3600', description: 'in Seconds', type: Number })
+  public bannedTime: Number;
+}
diff --git a/src/management/passwd/passwd.controller.ts b/src/management/passwd/passwd.controller.ts
@@ -1,11 +1,12 @@
-import { Controller, Post, Body, Res, Logger, HttpStatus } from '@nestjs/common';
+import {Controller, Post, Body, Res, Logger, HttpStatus, Get} from '@nestjs/common';
 import { PasswdService } from './passwd.service';
 import { ApiTags, ApiOperation, ApiResponse } from '@nestjs/swagger';
 import { Response } from 'express';
 import { ChangePasswordDto } from './dto/change-password.dto';
 import { AskTokenDto } from './dto/ask-token.dto';
 import { VerifyTokenDto } from './dto/verify-token.dto';
 import { ResetPasswordDto } from './dto/reset-password.dto';
+import {omit} from "radash";
 
 @Controller('passwd')
 @ApiTags('management/passwd')
@@ -27,7 +28,7 @@ export class PasswdController {
     }
 
     return res.status(HttpStatus.OK).json({
-      message: 'Password changed',
+      message: 'Password changed', status:0,
       ...debug,
     });
   }
@@ -68,4 +69,12 @@ export class PasswdController {
       ...debug,
     });
   }
+  @Get('getpolicies')
+  @ApiOperation({ summary: 'Retourne la politique de mot de passe à appliquer' })
+  @ApiResponse({ status: HttpStatus.OK })
+  public async getPolicies(@Res() res: Response): Promise<Response> {
+    const data = await this.passwdService.getPolicies()
+    //const datax=omit(data.toObject,['_id'])
+    return res.status(HttpStatus.OK).json({data})
+  }
 }
diff --git a/src/management/passwd/passwd.module.ts b/src/management/passwd/passwd.module.ts
@@ -3,9 +3,20 @@ import { PasswdService } from './passwd.service';
 import { PasswdController } from './passwd.controller';
 import { BackendsModule } from '~/core/backends/backends.module';
 import { IdentitiesModule } from '../identities/identities.module';
+import {MongooseModule} from "@nestjs/mongoose";
+import {Agents, AgentsSchema} from "~/core/agents/_schemas/agents.schema";
+import {PasswordPolicies,PasswordPoliciesSchema} from "~/management/passwd/_schemas/PasswordPolicies";
 
 @Module({
-  imports: [BackendsModule, IdentitiesModule],
+  imports: [BackendsModule,
+    IdentitiesModule,
+    MongooseModule.forFeatureAsync([
+      {
+        name: PasswordPolicies.name,
+        useFactory: () => PasswordPoliciesSchema,
+      },
+    ]),
+  ],
   controllers: [PasswdController],
   providers: [PasswdService],
 })
diff --git a/src/management/passwd/passwd.service.ts b/src/management/passwd/passwd.service.ts
@@ -12,6 +12,9 @@ import { ResetPasswordDto } from './dto/reset-password.dto';
 import { IdentitiesService } from '../identities/identities.service';
 import { pick } from 'radash';
 import { Identities } from '../identities/_schemas/identities.schema';
+import {PasswordPolicies} from "~/management/passwd/_schemas/PasswordPolicies";
+import {Model} from "mongoose";
+import {InjectModel} from "@nestjs/mongoose";
 
 interface TokenData {
   k: string;
@@ -37,6 +40,7 @@ export class PasswdService extends AbstractService {
     protected readonly backends: BackendsService,
     protected readonly identities: IdentitiesService,
     @InjectRedis() private readonly redis: Redis,
+    @InjectModel(PasswordPolicies.name) protected passwordPolicies: Model<PasswordPolicies>
   ) {
     super();
   }
@@ -159,4 +163,12 @@ export class PasswdService extends AbstractService {
       throw new BadRequestException('Une erreur est survenue : Tentative de réinitialisation de mot de passe impossible');
     }
   }
+
+  public async getPolicies(): Promise<any>{
+    const passwordPolicies = await this.passwordPolicies.findOne()
+    if (passwordPolicies === null){
+      return new this.passwordPolicies()
+    }
+    return passwordPolicies
+  }
 }
