Skip to content

Bug: User's password validation rules mismatch across application #2237

New issue
New issue
Closed
Closed
Bug: User's password validation rules mismatch across application#2237
Labels
🐛 Bug🏭 Back-End
Milestone
v21.12
@jakubboucek

Description

@jakubboucek
jakubboucek
opened on Aug 31, 2020

Describe the bug
Password validation rules is mismatch across application.

Mismatch explain

CreateAdmin – 5 characters rule

In \BookStack\Console\Commands\CreateAdmin::handle() is validation rule for password only 5 chars length:

BookStack/app/Console/Commands/CreateAdmin.php

Lines 72 to 74 in 13c0386

if (mb_strlen($password) < 5) {
return $this->error('Invalid password provided, Must be at least 5 characters');
}

RegisterController – 8 characters rule

In \BookStack\Http\Controllers\Auth\RegisterController::validator() is validation rule for password only 5 chars length:

BookStack/app/Http/Controllers/Auth/RegisterController.php

Lines 62 to 69 in e15fcf5

protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|min:2|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|min:8',
]);
}

l10n – 5, 6, 7, 8 characters rule description

Reqiurements for password is mismatched between languages in l10ns files.
Search accross l10n files

Expected behavior
I expect keep requirements for same entity's property same across whole application.

Better way can be extract password validation to one helper.

Don't worry be happy
I am offering to help you with reunite it by Pull Request, just help me confirm the 8 character length is currently valid length for Users passwords in application.

Metadata

Metadata

Assignees

No one assigned

    Labels

    🐛 Bug🏭 Back-End

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions