Feature: #98540 - New TCA field control "passwordGenerator"

See forge#98540

Description

A new TCA field control passwordGenerator has been introduced, which can be used in combination with TCA type password. The control renders a button next to the password field allowing the user to generate a random password based on defined rules.

Using the control adds the generated password to the corresponding field. The password is visible to the backend user only once and stored encrypted in the database. Integrators are also able to define whether the user is allowed to edit the generated password before saving.

Example configuration

'password_field' => [
    'label' => 'Password',
    'config' => [
        'type' => 'password',
        'fieldControl' => [
            'passwordGenerator' => [
                'renderType' => 'passwordGenerator',
                'options' => [
                    'title' => 'Generate a password',
                    'allowEdit' => false,
                    'passwordRules' => [
                        'length' => 38,
                        'digitCharacters' => false,
                        'specialCharacters' => true,
                    ],
                ],
            ],
        ],
    ],
],

This example will add the control with a custom title. The generated password will be 38 characters long, will contain lowercase, uppercase and special characters and no digit characters. The user won't be able to edit the generated password.

Field control options

  • title: Define a title for the control button

  • allowEdit: Whether the user can edit the generated password

  • passwordRules: Define rules for the password.

Available password rules:

  • length: Defines the number of characters for the password (minimum: 8 - default: 16).

  • random: Defines the encoding of random bytes. Overrules character definitions. Available encodings are hex and base64.

  • digitCharacters: Whether digits should be used (Default: true)

  • lowerCaseCharacters: Whether lowercase characters should be used (Default: true)

  • upperCaseCharacters: Whether uppercase characters should be used (Default: true)

  • specialCharacters: Whether special characters should be used (Default: false)

Random bytes

The following example will generate a 40 characters long random hex string, which could be used e.g. for secret tokens or similar:

'random_hex' => [
    'label' => 'Random hex',
    'config' => [
        'type' => 'password',
        'fieldControl' => [
            'passwordGenerator' => [
                'renderType' => 'passwordGenerator',
                'options' => [
                    'passwordRules' => [
                        'length' => 40,
                        'random' => 'hex',
                    ],
                ],
            ],
        ],
    ],
],

Note

Defining the special random password rule always takes precedence over any character definition, which should therefore be omitted as soon as random is set to one of the available encodings: hex or base64.

Impact

It is now possible to enhance the TCA type password with a field control to generate a random password based on defined password rules.