Feature: #98540 - New TCA field control "passwordGenerator"¶
See forge#98540
Description¶
A new TCA field control password
has been introduced,
which can be used in combination with TCA type password
. The control
renders a button next to the password field allowing the user to generate
a random password based on defined rules.
Using the control adds the generated password to the corresponding field. The password is visible to the backend user only once and stored encrypted in the database. Integrators are also able to define whether the user is allowed to edit the generated password before saving.
Example configuration¶
'password_field' => [
'label' => 'Password',
'config' => [
'type' => 'password',
'fieldControl' => [
'passwordGenerator' => [
'renderType' => 'passwordGenerator',
'options' => [
'title' => 'Generate a password',
'allowEdit' => false,
'passwordRules' => [
'length' => 38,
'digitCharacters' => false,
'specialCharacters' => true,
],
],
],
],
],
],
This example will add the control with a custom title. The generated password will be 38 characters long, will contain lowercase, uppercase and special characters and no digit characters. The user won't be able to edit the generated password.
Field control options¶
title
: Define a title for the control buttonallow
: Whether the user can edit the generated passwordEdit password
: Define rules for the password.Rules
Available password rules:
length
: Defines the number of characters for the password (minimum:8
- default:16
).random
: Defines the encoding of random bytes. Overrules character definitions. Available encodings arehex
andbase64
.digit
: Whether digits should be used (Default:Characters true
)lower
: Whether lowercase characters should be used (Default:Case Characters true
)upper
: Whether uppercase characters should be used (Default:Case Characters true
)special
: Whether special characters should be used (Default:Characters false
)
Random bytes¶
The following example will generate a 40 characters long random hex string, which could be used e.g. for secret tokens or similar:
'random_hex' => [
'label' => 'Random hex',
'config' => [
'type' => 'password',
'fieldControl' => [
'passwordGenerator' => [
'renderType' => 'passwordGenerator',
'options' => [
'passwordRules' => [
'length' => 40,
'random' => 'hex',
],
],
],
],
],
],
Note
Defining the special random
password rule always takes
precedence over any character definition, which should therefore
be omitted as soon as random
is set to one of the available
encodings: hex
or base64
.
Impact¶
It is now possible to enhance the TCA type password
with a field control
to generate a random password based on defined password rules.