luci-plugin-pwpolicy: initial commit

Password policy is adds now the possibility to enforce a password policy
if it is added to the target.

Signed-off-by: Christian Korber <ckorber@tdt.de>

Author: ckorber

plugins/luci-plugin-pwpolicy/Makefile

@@ -0,0 +1,23 @@
+#
+# Copyright (C) 2026 OpenWrt.org
+#
+# This is free software, licensed under Apache-2.0.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=luci-plugin-pwpolicy
+
+PKG_LICENSE:=Apache-2.0
+PKG_MAINTAINER:=Christian Korber <ckorber@tdt.de>
+PKG_DESCRIPTION:=LuCI Password Policy Plugin
+
+LUCI_TITLE:=LuCI Password Policy Plugin
+LUCI_DEPENDS:=+luci-base +luci-mod-system
+
+LUCI_TYPE:=plugin
+
+include ../../luci.mk
+
+# call BuildPackage - OpenWrt buildroot

plugins/luci-plugin-pwpolicy/htdocs/luci-static/resources/view/plugins/51af4ae847774aac863d4c94a9ba6d58.js

@@ -0,0 +1,61 @@
+'use strict';
+'require baseclass';
+'require view';
+'require form';
+
+return baseclass.extend({
+	class: 'password',
+	class_i18n: _('Password'),
+
+	type: 'policy',
+	type_i18n: _('Policy'),
+
+	name: 'Password Policy',
+	id: '51af4ae847774aac863d4c94a9ba6d58',
+	title: _('Password Policy'),
+	description: _('Here you can enforce a password policy sytem wide'),
+
+	addFormOptions(s) {
+		let o;
+
+		o = s.option(form.Flag, 'enabled', _('Enable password policy'));
+		o.default = o.disabled;
+		o.remempty = false;
+
+		o = s.option(form.Value, 'pw_length', _('Minimum password length'));
+		o.optional = false;
+		o.datatype = 'uinteger';
+		o.placeholder = 8;
+
+		o = s.option(form.Flag, 'digits', _('Digits'));
+		o.default = false;
+
+		o = s.option(form.Flag, 'uc_lc', _('Upper / lower case characters'));
+		o.default = false;
+
+		o = s.option(form.Flag, 'special_characters', _('Special characters'));
+		o.default = false;
+
+	},
+
+	configSummary(section) {
+		if (section.enabled != '1')
+			return null;
+
+		var summary = [];
+
+		if (section.pw_length)
+			summary.push(_('min. password length'));
+
+		if (section.digits)
+			summary.push(_('digit occurence'));
+
+		if (section.uc_lc)
+			summary.push(_('uppercase/lowercase occurence'));
+
+		if (section.special_characters)
+			summary.push(_('special characters occurence'));
+
+		return summary.length ? summary.join (', ') : _('Password Policy enabled');
+	}
+});

plugins/luci-plugin-pwpolicy/root/etc/uci-defaults/luci-app-pwpolicy

@@ -0,0 +1,35 @@
+#!/bin/sh
+
+# luci-app-pwpolicy: Setup script for pwpolicy plugin
+# This script sets up the password policy plugin configuration in luci_plugins
+
+PLUGIN_UUID="51af4ae847774aac863d4c94a9ba6d58"
+
+# Ensure luci_plugins config file exists
+touch /etc/config/luci_plugins
+
+# Create global section if not exists
+uci -q get luci_plugins.global >/dev/null || {
+	uci set luci_plugins.global=global
+	uci set luci_plugins.global.enabled='0'
+}
+
+# Enable pwppolicy plugins class if not set
+uci -q get luci_plugins.global.password_policy_enabled >/dev/null || {
+	uci set luci_plugins.global.password_policy_enabled='0'
+}
+
+# Create pwpolicy plugin section if not exists
+uci -q get "luci_plugins.${PLUGIN_UUID}" >/dev/null || {
+	uci set "luci_plugins.${PLUGIN_UUID}=password_policy"
+	uci set "luci_plugins.${PLUGIN_UUID}.enabled=0"
+	uci set "luci_plugins.${PLUGIN_UUID}.name=Password Policy"
+}
+
+uci set "luci_plugins.${PLUGIN_UUID}.digits=0"
+uci set "luci_plugins.${PLUGIN_UUID}.uc_lc=0"
+uci set "luci_plugins.${PLUGIN_UUID}.special_characters=0"
+
+uci commit luci_plugins
+
+exit 0