From f006ddc7354dd2248c6c480cced15617159fa62b Mon Sep 17 00:00:00 2001 From: ngn Date: Sat, 10 Jun 2023 20:51:21 +0300 Subject: [PATCH 1/5] Implemented password length check --- assets/locales/ur/auth.json | 3 ++- src/api/routes/auth/register.ts | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/assets/locales/ur/auth.json b/assets/locales/ur/auth.json index e19547a0..ed7dc26d 100644 --- a/assets/locales/ur/auth.json +++ b/assets/locales/ur/auth.json @@ -10,7 +10,8 @@ "EMAIL_INVALID": "Invalid Email", "EMAIL_ALREADY_REGISTERED": "Email is already registered", "DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older", - "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.", + "PASSWORD_REQUIREMENTS_MIN_LENGTH": "Must be at least 8 characters long.", + "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.", "USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another" } } diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts index 321b4a65..7b62f621 100644 --- a/src/api/routes/auth/register.ts +++ b/src/api/routes/auth/register.ts @@ -225,6 +225,14 @@ router.post( } if (body.password) { + if(body.password.length<8){ + throw FieldErrors({ + password: { + code: "PASSWORD_REQUIREMENTS_MIN_LENGTH", + message: req.t("auth:register.PASSWORD_REQUIREMENTS_MIN_LENGTH") + } + }); + } // the salt is saved in the password refer to bcrypt docs body.password = await bcrypt.hash(body.password, 12); } else if (register.password.required) { From 9efe160340a90e5635ad018f22942c6ce3c08b62 Mon Sep 17 00:00:00 2001 From: ngn13 <78868991+ngn13@users.noreply.github.com> Date: Sat, 10 Jun 2023 22:13:44 +0300 Subject: [PATCH 2/5] making min password length configurable Co-authored-by: Puyodead1 --- src/api/routes/auth/register.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts index 7b62f621..f8bc6da2 100644 --- a/src/api/routes/auth/register.ts +++ b/src/api/routes/auth/register.ts @@ -225,7 +225,7 @@ router.post( } if (body.password) { - if(body.password.length<8){ + if(body.password.length < register.password.minLength){ throw FieldErrors({ password: { code: "PASSWORD_REQUIREMENTS_MIN_LENGTH", From 3dcabc57f659ea9e664711a5069e0fa908a04676 Mon Sep 17 00:00:00 2001 From: ngn Date: Sat, 10 Jun 2023 22:17:50 +0300 Subject: [PATCH 3/5] Making the error message dynamic --- assets/locales/ur/auth.json | 2 +- src/api/routes/auth/register.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/assets/locales/ur/auth.json b/assets/locales/ur/auth.json index ed7dc26d..1dac2474 100644 --- a/assets/locales/ur/auth.json +++ b/assets/locales/ur/auth.json @@ -10,7 +10,7 @@ "EMAIL_INVALID": "Invalid Email", "EMAIL_ALREADY_REGISTERED": "Email is already registered", "DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older", - "PASSWORD_REQUIREMENTS_MIN_LENGTH": "Must be at least 8 characters long.", + "PASSWORD_REQUIREMENTS_MIN_LENGTH": "Must be at least {{min}} characters long.", "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.", "USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another" } diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts index f8bc6da2..247fa88f 100644 --- a/src/api/routes/auth/register.ts +++ b/src/api/routes/auth/register.ts @@ -229,7 +229,7 @@ router.post( throw FieldErrors({ password: { code: "PASSWORD_REQUIREMENTS_MIN_LENGTH", - message: req.t("auth:register.PASSWORD_REQUIREMENTS_MIN_LENGTH") + message: req.t("auth:register.PASSWORD_REQUIREMENTS_MIN_LENGTH", { min: register.password.minLength }) } }); } From 41f14b3ad8d75a8d0158f72d8fe0825c3a8ac724 Mon Sep 17 00:00:00 2001 From: ngn Date: Sun, 11 Jun 2023 13:36:51 +0300 Subject: [PATCH 4/5] Make sure min password length is not null --- src/api/routes/auth/register.ts | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts index 247fa88f..46026d7d 100644 --- a/src/api/routes/auth/register.ts +++ b/src/api/routes/auth/register.ts @@ -225,11 +225,12 @@ router.post( } if (body.password) { - if(body.password.length < register.password.minLength){ + const min = register.password.minLength ? register.password.minLength : 8; + if(body.password.length < min){ throw FieldErrors({ password: { code: "PASSWORD_REQUIREMENTS_MIN_LENGTH", - message: req.t("auth:register.PASSWORD_REQUIREMENTS_MIN_LENGTH", { min: register.password.minLength }) + message: req.t("auth:register.PASSWORD_REQUIREMENTS_MIN_LENGTH", { min: min }) } }); } From e774a9256bddba054f1cd030fc9d65e4ec1d2c23 Mon Sep 17 00:00:00 2001 From: ngn Date: Sun, 11 Jun 2023 15:17:03 +0300 Subject: [PATCH 5/5] made it prettier --- src/api/routes/auth/register.ts | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/src/api/routes/auth/register.ts b/src/api/routes/auth/register.ts index 46026d7d..14dc319a 100644 --- a/src/api/routes/auth/register.ts +++ b/src/api/routes/auth/register.ts @@ -225,15 +225,20 @@ router.post( } if (body.password) { - const min = register.password.minLength ? register.password.minLength : 8; - if(body.password.length < min){ - throw FieldErrors({ - password: { - code: "PASSWORD_REQUIREMENTS_MIN_LENGTH", - message: req.t("auth:register.PASSWORD_REQUIREMENTS_MIN_LENGTH", { min: min }) - } - }); - } + const min = register.password.minLength + ? register.password.minLength + : 8; + if (body.password.length < min) { + throw FieldErrors({ + password: { + code: "PASSWORD_REQUIREMENTS_MIN_LENGTH", + message: req.t( + "auth:register.PASSWORD_REQUIREMENTS_MIN_LENGTH", + { min: min }, + ), + }, + }); + } // the salt is saved in the password refer to bcrypt docs body.password = await bcrypt.hash(body.password, 12); } else if (register.password.required) {