Merge pull request #405 from appwrite/disallow-personal-data

christyjacob4 · web-flow · commit 2a074e4ef9cf · 2023-08-09T00:38:46.000+04:00
feat: add password personal data check
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -19,7 +19,7 @@
     },
     "dependencies": {
         "@analytics/google-analytics": "^1.0.5",
-        "@appwrite.io/console": "0.2.0",
+        "@appwrite.io/console": "npm:christy-console@^0.3.0",
         "@appwrite.io/pink": "^0.0.6-rc.10",
         "@analytics/google-tag-manager": "^0.5.3",
         "@popperjs/core": "^2.11.6",
diff --git a/src/lib/actions/analytics.ts b/src/lib/actions/analytics.ts
@@ -153,6 +153,7 @@ export enum Submit {
     AuthStatusUpdate = 'submit_auth_status_update',
     AuthPasswordHistoryUpdate = 'submit_auth_password_history_limit_update',
     AuthPasswordDictionaryUpdate = 'submit_auth_password_dictionary_update',
+    AuthPersonalDataCheckUpdate = 'submit_auth_personal_data_check_update',
     SessionsLengthUpdate = 'submit_sessions_length_update',
     SessionsLimitUpdate = 'submit_sessions_limit_update',
     SessionDelete = 'submit_session_delete',
diff --git a/src/routes/console/project-[project]/auth/security/+page.svelte b/src/routes/console/project-[project]/auth/security/+page.svelte
@@ -2,6 +2,7 @@
     import { Container } from '$lib/layout';
     import UpdatePasswordDictionary from './updatePasswordDictionary.svelte';
     import UpdatePasswordHistory from './updatePasswordHistory.svelte';
+    import UpdatePersonalDataCheck from './updatePersonalDataCheck.svelte';
     import UpdateSessionLength from './updateSessionLength.svelte';
     import UpdateSessionsLimit from './updateSessionsLimit.svelte';
     import UpdateUsersLimit from './updateUsersLimit.svelte';
@@ -13,4 +14,5 @@
     <UpdateSessionsLimit />
     <UpdatePasswordHistory />
     <UpdatePasswordDictionary />
+    <UpdatePersonalDataCheck />
 </Container>
diff --git a/src/routes/console/project-[project]/auth/security/updatePasswordHistory.svelte b/src/routes/console/project-[project]/auth/security/updatePasswordHistory.svelte
@@ -44,7 +44,7 @@
             <FormList>
                 <InputSwitch
                     bind:value={passwordHistoryEnabled}
-                    id="passwordHisotryEnabled"
+                    id="passwordHistoryEnabled"
                     label="Password History" />
             </FormList>
             <p class="text">
diff --git a/src/routes/console/project-[project]/auth/security/updatePersonalDataCheck.svelte b/src/routes/console/project-[project]/auth/security/updatePersonalDataCheck.svelte
@@ -0,0 +1,57 @@
+<script lang="ts">
+    import { invalidate } from '$app/navigation';
+    import { Submit, trackError, trackEvent } from '$lib/actions/analytics';
+    import { CardGrid, Heading } from '$lib/components';
+    import { Dependencies } from '$lib/constants';
+    import { Button, Form, InputSwitch } from '$lib/elements/forms';
+    import { FormList } from '$lib/elements/forms';
+    import { addNotification } from '$lib/stores/notifications';
+    import { sdk } from '$lib/stores/sdk';
+    import { project } from '../../store';
+
+    let authPersonalDataCheck = $project.authPersonalDataCheck ?? false;
+
+    async function updatePersonalDataCheck() {
+        try {
+            await sdk.forConsole.projects.updatePersonalDataCheck(
+                $project.$id,
+                authPersonalDataCheck
+            );
+            await invalidate(Dependencies.PROJECT);
+            addNotification({
+                type: 'success',
+                message: 'Toggled personal data checks for passwords'
+            });
+            trackEvent(Submit.AuthPersonalDataCheckUpdate);
+        } catch (error) {
+            addNotification({
+                type: 'error',
+                message: error.message
+            });
+            trackError(error, Submit.AuthPersonalDataCheckUpdate);
+        }
+    }
+</script>
+
+<Form onSubmit={updatePersonalDataCheck}>
+    <CardGrid>
+        <Heading tag="h2" size="7">Personal Data</Heading>
+        <svelte:fragment slot="aside">
+            <FormList>
+                <InputSwitch
+                    bind:value={authPersonalDataCheck}
+                    id="personalDataCheck"
+                    label="Disallow Personal Data" />
+            </FormList>
+            <p class="text">
+                Do now allow passwords that contain any part of the user's personal data. This
+                includes the user's <code>name</code>, <code>email</code>, or <code>phone</code>.
+            </p>
+        </svelte:fragment>
+
+        <svelte:fragment slot="actions">
+            <Button disabled={authPersonalDataCheck === $project.authPersonalDataCheck} submit
+                >Update</Button>
+        </svelte:fragment>
+    </CardGrid>
+</Form>
