Merge pull request #17 from VincentMarmiesse/add-length-constant

Improve password validation UX
PH2M · Oct 5, 2018 · 493a920 · 493a920
2 parents 5f8bc14 + c924d8f
commit 493a920
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 25 deletions.
diff --git a/README.md b/README.md
@@ -1,11 +1,8 @@
 # PH2M GDPR
-
 Free Magento 1 module for respect reform of EU data protection rules (GDPR)
 
-
 ## Requirements
-
-- Only test on Magento 1.9.x (but probably work on magento 1.4.x to 1.9.x)
+- Only test on Magento 1.9.x (but probably works on magento 1.4.x to 1.9.x)
 
 ## Changelog 
 See RELEASE_NOTES.txt
@@ -49,6 +46,12 @@ Download this module and add 'app' and 'skin' directory to you magento
 - Run cron phgdpr_check_rules and check GDPR validity on 'System > Configuration > General > GDPR > Status'
 - You can test download data or remove data from your customer dashboard
 
+## Password validation
+You must customize your theme if you want to enable the JS password validation.
+Follow these steps:
+1. Uncomment the `password-validation.js` inclusion in `app/design/frontend/base/default/layout/ph/gdpr.xml`
+2. In your theme's register template, replace the `validate-password` class by `validate-gdpr-password`. Usually, you should have `customer/form/register.phtml` and `checkout/onepage/billing.phtml`.
+
 ## Developer guide
 #### ADD Custom process before / after customer download or remove data
 - Download event:
@@ -102,24 +105,17 @@ You can add your own custom process thanks to the queue system. for this, follow
  - params (you can add all info you want to get for you process)
  - run_date (date when you want run your process, keep empty for run at the next queue running)
 
-
-
 ## Licence
-
 GNU General Public License, version 3 (GPLv3)
 
-
 ## Mini-help for contribution
-
 Auto-generate modman with https://github.com/mhauri/generate-modman:
-
 ```
 make modman
 ```
 
 ## Configuration recommended (With magerun)
- ```
-
+```
 magerun config:set  "phgdpr/fonctionality/password_format_validation" "1"
 magerun config:set  "phgdpr/fonctionality/login_limit_attempts" "1"
 
@@ -136,5 +132,4 @@ magerun config:set  "phgdpr/customer_data_download/enable_customer_download_addr
 magerun config:set  "phgdpr/customer_data_download/address_attribute_to_export" "prefix,firstname,middlename,lastname,suffix,company,street,city,country_id,region,postcode,telephone,fax"
 magerun config:set  "phgdpr/customer_data_download/enable_customer_download_orders" "1"
 magerun config:set  "phgdpr/customer_data_download/order_attribute_to_export" "created_at,customer_dob,customer_email,customer_firstname,customer_gender,customer_lastname,customer_middlename,customer_prefix,customer_suffix,discount_amount,grand_total,shipping_amount,increment_id"
-
- ```
+```
diff --git a/app/code/community/PH2M/Gdpr/Helper/Password.php b/app/code/community/PH2M/Gdpr/Helper/Password.php
@@ -15,8 +15,12 @@
  *
  */
 
+/**
+ * Class PH2M_Gdpr_Helper_Password
+ */
 class PH2M_Gdpr_Helper_Password
 {
+    const MIN_PASSWORD_LENGTH = 8;
 
     /**
      * Check if the password is valid for gdpr
@@ -27,8 +31,8 @@ class PH2M_Gdpr_Helper_Password
     public function invalidPasswordFormat($password)
     {
         $errorCount = 1;
-        if (strlen($password) < '8') {
-            return Mage::helper('phgdpr')->__('Your password must contain at least 8 characters.');
+        if (strlen($password) < self::MIN_PASSWORD_LENGTH) {
+            return Mage::helper('phgdpr')->__('Your password must contain at least %s characters.', self::MIN_PASSWORD_LENGTH);
         }
         if (!preg_match("#[0-9]+#", $password)) {
             $errorCount++;
@@ -44,7 +48,7 @@ public function invalidPasswordFormat($password)
         }
 
         if ($errorCount >= 3) {
-            return Mage::helper('phgdpr')->__('Please enter valid password, with 3 or more than options, numeric, lowercase, uppercase, special character');
+            return Mage::helper('phgdpr')->__('Your password must respect at least 3 of the following conditions: one capital letter, one lowercase letter, one number, one special character and contains at least 8 characters.');
         }
         return false;
     }

diff --git a/app/design/frontend/base/default/layout/ph/gdpr.xml b/app/design/frontend/base/default/layout/ph/gdpr.xml
@@ -19,7 +19,7 @@
 <layout version="0.1.0">
     <default>
         <reference name="head">
-            <!-- TODO -->
+            <!-- Uncomment these lines to enable JS password validation (see README) -->
             <!--<action method="addItem" ifconfig="phgdpr/fonctionality/password_format_validation" condition="1">-->
                 <!--<type>skin_js</type>-->
                 <!--<file>js/ph/gdpr/password-validation.js</file>-->

diff --git a/app/locale/fr_FR/PH2M_Gdpr.csv b/app/locale/fr_FR/PH2M_Gdpr.csv
@@ -66,9 +66,8 @@
 #############
 ### FRONT ###
 #############
-"Your password must contain at least 8 characters.","Votre mot de passe doit contenir au moins 8 caractères."
-"Please enter valid password, with 3 or more than options, numeric, lowercase, uppercase, special character","Merci de renseigner un mot de passe valide, avec au moins 3 de ces options, nombres, minuscules, majuscules, caractères spéciaux"
+"Your password must contain at least %s characters.","Votre mot de passe doit contenir au moins %s caractères."
+"Your password must respect at least 3 of the following conditions: one capital letter, one lowercase letter, one number, one special character and contains at least 8 characters.","Votre mot de passe doit respecter au moins 3 des conditions suivantes : une majuscule, une minuscule, un chiffre, un caractère spécial et doit contenir au moins 8 caractères."
 "Delete my account","Supprimer mon compte"
 "Download my account data","Télécharger mes données"
-"Please enter valid password, with 3 or more than options, numeric, lowercase, uppercase, special character and 8 or more characters.","Veuillez entrer un mot de passe valide, avec 3 options ou plus, numériques, minuscules, majuscules, caractères spéciaux et 8 caractères ou plus."
 "You tried to log in too many times, you can try again after %s minutes","Vous avez essayé de vous connecter un trop grand nombre de fois, vous pouvez réessayer dans %s minutes"
diff --git a/skin/frontend/base/default/js/ph/gdpr/password-validation.js b/skin/frontend/base/default/js/ph/gdpr/password-validation.js
@@ -1,8 +1,6 @@
 Validation.addAllThese([
-    ['validate-password', 'Please enter valid password, with 3 or more than options, numeric, lowercase, uppercase, special character and 8 or more characters.', function(v) {
-        // TODO : need to be compatible with bad format if account already created (login form for example)
-        return true;
-        var pass        = v.strip(); /*strip leading and trailing spaces*/
+    ['validate-gdpr-password', 'Your password must respect at least 3 of the following conditions: one capital letter, one lowercase letter, one number, one special character and contains at least 8 characters.', function(v) {
+        var pass        = v.strip();
         var errorCount  = 0;
         if(pass.length < 8 || pass.length > 30) {
             return false;