mirror of
https://github.com/WordPress/WordPress.git
synced 2025-01-18 14:21:25 +01:00
Users: improve password generation feature.
On the user edit screen improve handling and clarify language: rename the "Generate Password" and "Show password" buttons to "Set New Password". Clicking it always generates a password. Also: improve inline code comments and descriptions. Props afercia, bookdude13, michaelarestad, pento. Fixes #42852. Built from https://develop.svn.wordpress.org/trunk@49248 git-svn-id: http://core.svn.wordpress.org/trunk@49010 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
0e85b07bc8
commit
daa977c495
@ -534,6 +534,14 @@ fieldset label,
|
||||
margin: 0 0 1em;
|
||||
}
|
||||
|
||||
.wp-generate-pw {
|
||||
margin-top: 1em;
|
||||
}
|
||||
|
||||
.wp-pwd {
|
||||
margin-top: 1em;
|
||||
}
|
||||
|
||||
#misc-publishing-actions label {
|
||||
vertical-align: baseline;
|
||||
}
|
||||
|
2
wp-admin/css/forms-rtl.min.css
vendored
2
wp-admin/css/forms-rtl.min.css
vendored
File diff suppressed because one or more lines are too long
@ -533,6 +533,14 @@ fieldset label,
|
||||
margin: 0 0 1em;
|
||||
}
|
||||
|
||||
.wp-generate-pw {
|
||||
margin-top: 1em;
|
||||
}
|
||||
|
||||
.wp-pwd {
|
||||
margin-top: 1em;
|
||||
}
|
||||
|
||||
#misc-publishing-actions label {
|
||||
vertical-align: baseline;
|
||||
}
|
||||
|
2
wp-admin/css/forms.min.css
vendored
2
wp-admin/css/forms.min.css
vendored
File diff suppressed because one or more lines are too long
@ -14,27 +14,30 @@
|
||||
$toggleButton,
|
||||
$submitButtons,
|
||||
$submitButton,
|
||||
currentPass;
|
||||
currentPass,
|
||||
$passwordWrapper;
|
||||
|
||||
function generatePassword() {
|
||||
if ( typeof zxcvbn !== 'function' ) {
|
||||
setTimeout( generatePassword, 50 );
|
||||
return;
|
||||
} else if ( ! $pass1.val() ) {
|
||||
// zxcvbn loaded before user entered password.
|
||||
} else if ( ! $pass1.val() || $passwordWrapper.hasClass( 'is-open' ) ) {
|
||||
// zxcvbn loaded before user entered password, or generating new password.
|
||||
$pass1.val( $pass1.data( 'pw' ) );
|
||||
$pass1.trigger( 'pwupdate' );
|
||||
showOrHideWeakPasswordCheckbox();
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
// zxcvbn loaded after the user entered password, check strength.
|
||||
check_pass_strength();
|
||||
showOrHideWeakPasswordCheckbox();
|
||||
}
|
||||
|
||||
// Install screen.
|
||||
if ( 1 !== parseInt( $toggleButton.data( 'start-masked' ), 10 ) ) {
|
||||
// Show the password not masked if admin_password hasn't been posted yet.
|
||||
$pass1.attr( 'type', 'text' );
|
||||
} else {
|
||||
// Otherwise, mask the password.
|
||||
$toggleButton.trigger( 'click' );
|
||||
}
|
||||
|
||||
@ -56,6 +59,7 @@
|
||||
|
||||
currentPass = $pass1.val();
|
||||
|
||||
// Refresh password strength area.
|
||||
$pass1.removeClass( 'short bad good strong' );
|
||||
showOrHideWeakPasswordCheckbox();
|
||||
} );
|
||||
@ -84,18 +88,11 @@
|
||||
$pass1.attr( 'type', 'password' );
|
||||
resetToggle( true );
|
||||
}
|
||||
|
||||
$pass1.focus();
|
||||
|
||||
if ( ! _.isUndefined( $pass1[0].setSelectionRange ) ) {
|
||||
$pass1[0].setSelectionRange( 0, 100 );
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
function bindPasswordForm() {
|
||||
var $passwordWrapper,
|
||||
$generateButton,
|
||||
var $generateButton,
|
||||
$cancelButton;
|
||||
|
||||
$pass1Row = $( '.user-pass1-wrap, .user-pass-wrap' );
|
||||
@ -123,7 +120,7 @@
|
||||
$pass1 = $( '#user_pass' );
|
||||
}
|
||||
|
||||
/**
|
||||
/*
|
||||
* Fix a LastPass mismatch issue, LastPass only changes pass2.
|
||||
*
|
||||
* This fixes the issue by copying any changes from the hidden
|
||||
@ -149,57 +146,59 @@
|
||||
|
||||
bindToggleButton();
|
||||
|
||||
if ( $generateButton.length ) {
|
||||
$passwordWrapper.hide();
|
||||
}
|
||||
// Generate the first password and cache it, but don't set it yet.
|
||||
wp.ajax.post( 'generate-password' )
|
||||
.done( function( data ) {
|
||||
// Cache password.
|
||||
$pass1.data( 'pw', data );
|
||||
} );
|
||||
|
||||
$generateButton.show();
|
||||
$generateButton.on( 'click', function () {
|
||||
updateLock = true;
|
||||
|
||||
$generateButton.hide();
|
||||
$passwordWrapper.show();
|
||||
// Make sure the password fields are shown.
|
||||
$generateButton.attr( 'aria-expanded', 'true' );
|
||||
$passwordWrapper
|
||||
.show()
|
||||
.addClass( 'is-open' );
|
||||
|
||||
// Enable the inputs when showing.
|
||||
$pass1.attr( 'disabled', false );
|
||||
$pass2.attr( 'disabled', false );
|
||||
|
||||
if ( $pass1.val().length === 0 ) {
|
||||
// Set the password to the generated value.
|
||||
generatePassword();
|
||||
}
|
||||
|
||||
// Show generated password in plaintext by default.
|
||||
resetToggle ( false );
|
||||
|
||||
// Generate the next password and cache.
|
||||
wp.ajax.post( 'generate-password' )
|
||||
.done( function( data ) {
|
||||
$pass1.data( 'pw', data );
|
||||
} );
|
||||
} );
|
||||
|
||||
$cancelButton = $pass1Row.find( 'button.wp-cancel-pw' );
|
||||
$cancelButton.on( 'click', function () {
|
||||
updateLock = false;
|
||||
|
||||
// Clear any entered password.
|
||||
$pass1.val( '' );
|
||||
|
||||
// Generate a new password.
|
||||
wp.ajax.post( 'generate-password' )
|
||||
.done( function( data ) {
|
||||
$pass1.data( 'pw', data );
|
||||
} );
|
||||
|
||||
$generateButton.show().focus();
|
||||
$passwordWrapper.hide();
|
||||
|
||||
$weakRow.hide( 0, function () {
|
||||
$weakCheckbox.removeProp( 'checked' );
|
||||
} );
|
||||
|
||||
// Disable the inputs when hiding to prevent autofill and submission.
|
||||
$pass1.prop( 'disabled', true );
|
||||
$pass2.prop( 'disabled', true );
|
||||
|
||||
// Clear password field and update the UI.
|
||||
$pass1.val( '' ).trigger( 'pwupdate' );
|
||||
resetToggle( false );
|
||||
|
||||
if ( $pass1Row.closest( 'form' ).is( '#your-profile' ) ) {
|
||||
// Clear password field to prevent update.
|
||||
$pass1.val( '' ).trigger( 'pwupdate' );
|
||||
// Hide password controls.
|
||||
$passwordWrapper
|
||||
.hide()
|
||||
.removeClass( 'is-open' );
|
||||
|
||||
// Stop an empty password from being submitted as a change.
|
||||
$submitButtons.prop( 'disabled', false );
|
||||
}
|
||||
} );
|
||||
|
||||
$pass1Row.closest( 'form' ).on( 'submit', function () {
|
||||
@ -399,7 +398,7 @@
|
||||
|
||||
window.generatePassword = generatePassword;
|
||||
|
||||
/* Warn the user if password was generated but not saved */
|
||||
// Warn the user if password was generated but not saved.
|
||||
$( window ).on( 'beforeunload', function () {
|
||||
if ( true === updateLock ) {
|
||||
return __( 'Your new password has not been saved.' );
|
||||
|
2
wp-admin/js/user-profile.min.js
vendored
2
wp-admin/js/user-profile.min.js
vendored
File diff suppressed because one or more lines are too long
@ -632,7 +632,7 @@ endif;
|
||||
<th><label for="pass1"><?php _e( 'New Password' ); ?></label></th>
|
||||
<td>
|
||||
<input class="hidden" value=" " /><!-- #24364 workaround -->
|
||||
<button type="button" class="button wp-generate-pw hide-if-no-js"><?php _e( 'Generate Password' ); ?></button>
|
||||
<button type="button" class="button wp-generate-pw hide-if-no-js" aria-expanded="false"><?php _e( 'Set New Password' ); ?></button>
|
||||
<div class="wp-pwd hide-if-js">
|
||||
<span class="password-input-wrapper">
|
||||
<input type="password" name="pass1" id="pass1" class="regular-text" value="" autocomplete="off" data-pw="<?php echo esc_attr( wp_generate_password( 24 ) ); ?>" aria-describedby="pass-strength-result" />
|
||||
@ -641,7 +641,7 @@ endif;
|
||||
<span class="dashicons dashicons-hidden" aria-hidden="true"></span>
|
||||
<span class="text"><?php _e( 'Hide' ); ?></span>
|
||||
</button>
|
||||
<button type="button" class="button wp-cancel-pw hide-if-no-js" data-toggle="0" aria-label="<?php esc_attr_e( 'Cancel password change' ); ?>">
|
||||
<button type="button" class="button wp-cancel-pw hide-if-no-js" data-toggle="0" aria-label="<?php esc_attr_e( 'Cancel' ); ?>">
|
||||
<span class="dashicons dashicons-no" aria-hidden="true"></span>
|
||||
<span class="text"><?php _e( 'Cancel' ); ?></span>
|
||||
</button>
|
||||
@ -652,8 +652,12 @@ endif;
|
||||
<tr class="user-pass2-wrap hide-if-js">
|
||||
<th scope="row"><label for="pass2"><?php _e( 'Repeat New Password' ); ?></label></th>
|
||||
<td>
|
||||
<input name="pass2" type="password" id="pass2" class="regular-text" value="" autocomplete="off" />
|
||||
<p class="description"><?php _e( 'Type your new password again.' ); ?></p>
|
||||
<input name="pass2" type="password" id="pass2" class="regular-text" value="" autocomplete="off" aria-describedby="pass2-desc" />
|
||||
<?php if ( IS_PROFILE_PAGE ) : ?>
|
||||
<p class="description" id="pass2-desc"><?php _e( 'Type your new password again.' ); ?></p>
|
||||
<?php else : ?>
|
||||
<p class="description" id="pass2-desc"><?php _e( 'Type the new password again.' ); ?></p>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="pw-weak">
|
||||
@ -661,7 +665,7 @@ endif;
|
||||
<td>
|
||||
<label>
|
||||
<input type="checkbox" name="pw_weak" class="pw-checkbox" />
|
||||
<span id="pw-weak-text-label"><?php _e( 'Confirm use of potentially weak password' ); ?></span>
|
||||
<span id="pw-weak-text-label"><?php _e( 'Confirm use of weak password' ); ?></span>
|
||||
</label>
|
||||
</td>
|
||||
</tr>
|
||||
|
@ -560,8 +560,8 @@ if ( current_user_can( 'create_users' ) ) {
|
||||
</th>
|
||||
<td>
|
||||
<input class="hidden" value=" " /><!-- #24364 workaround -->
|
||||
<button type="button" class="button wp-generate-pw hide-if-no-js"><?php _e( 'Show password' ); ?></button>
|
||||
<div class="wp-pwd hide-if-js">
|
||||
<button type="button" class="button wp-generate-pw hide-if-no-js"><?php _e( 'Generate password' ); ?></button>
|
||||
<div class="wp-pwd">
|
||||
<?php $initial_password = wp_generate_password( 24 ); ?>
|
||||
<span class="password-input-wrapper">
|
||||
<input type="password" name="pass1" id="pass1" class="regular-text" autocomplete="off" data-reveal="1" data-pw="<?php echo esc_attr( $initial_password ); ?>" aria-describedby="pass-strength-result" />
|
||||
@ -570,10 +570,6 @@ if ( current_user_can( 'create_users' ) ) {
|
||||
<span class="dashicons dashicons-hidden" aria-hidden="true"></span>
|
||||
<span class="text"><?php _e( 'Hide' ); ?></span>
|
||||
</button>
|
||||
<button type="button" class="button wp-cancel-pw hide-if-no-js" data-toggle="0" aria-label="<?php esc_attr_e( 'Cancel password change' ); ?>">
|
||||
<span class="dashicons dashicons-no" aria-hidden="true"></span>
|
||||
<span class="text"><?php _e( 'Cancel' ); ?></span>
|
||||
</button>
|
||||
<div style="display:none" id="pass-strength-result" aria-live="polite"></div>
|
||||
</div>
|
||||
</td>
|
||||
@ -581,7 +577,8 @@ if ( current_user_can( 'create_users' ) ) {
|
||||
<tr class="form-field form-required user-pass2-wrap hide-if-js">
|
||||
<th scope="row"><label for="pass2"><?php _e( 'Repeat Password' ); ?> <span class="description"><?php _e( '(required)' ); ?></span></label></th>
|
||||
<td>
|
||||
<input name="pass2" type="password" id="pass2" autocomplete="off" />
|
||||
<input name="pass2" type="password" id="pass2" autocomplete="off" aria-describedby="pass2-desc" />
|
||||
<p class="description" id="pass2-desc"><?php _e( 'Type the password again.' ); ?></p>
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="pw-weak">
|
||||
|
@ -13,7 +13,7 @@
|
||||
*
|
||||
* @global string $wp_version
|
||||
*/
|
||||
$wp_version = '5.6-alpha-49247';
|
||||
$wp_version = '5.6-alpha-49248';
|
||||
|
||||
/**
|
||||
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.
|
||||
|
Loading…
Reference in New Issue
Block a user