Fix maximum password length

2025-01-24 14:04:07 +08:00 · 2018-06-18 21:50:32 +08:00 · 2018-06-18 21:50:32 +08:00 · b7a2d368f7
commit b7a2d368f7
parent 53fd30f093
3 changed files with 17 additions and 15 deletions
--- a/app/Http/Controllers/SetupController.php
+++ b/app/Http/Controllers/SetupController.php
@ -60,7 +60,7 @@ class SetupController extends Controller
    {
        $this->validate($request, [
            'email'     => 'required|email',
-            'password'  => 'required|min:8|max:16|confirmed',
+            'password'  => 'required|min:8|max:32|confirmed',
            'site_name' => 'required'
        ]);

--- a/app/Http/Controllers/UserController.php
+++ b/app/Http/Controllers/UserController.php
@ -113,7 +113,7 @@ class UserController extends Controller
        switch ($action) {
            case 'nickname':
                $this->validate($request, [
-                    'new_nickname' => 'required|nickname|max:255'
+                    'new_nickname' => 'required|no_special_chars|max:255'
                ]);

                $nickname = $request->input('new_nickname');
@ -127,8 +127,8 @@ class UserController extends Controller

            case 'password':
                $this->validate($request, [
-                    'current_password' => 'required|min:6|max:16',
-                    'new_password'     => 'required|min:8|max:16'
+                    'current_password' => 'required|min:6|max:32',
+                    'new_password'     => 'required|min:8|max:32'
                ]);

                if (! $this->user->verifyPassword($request->input('current_password')))
@ -149,7 +149,7 @@ class UserController extends Controller
            case 'email':
                $this->validate($request, [
                    'new_email' => 'required|email',
-                    'password'  => 'required|min:6|max:16'
+                    'password'  => 'required|min:6|max:32'
                ]);

                if ($users->get($request->input('new_email'), 'email')) {
@ -171,7 +171,7 @@ class UserController extends Controller

            case 'delete':
                $this->validate($request, [
-                    'password' => 'required|min:6|max:16'
+                    'password' => 'required|min:6|max:32'
                ]);

                if (! $this->user->verifyPassword($request->input('password')))
--- a/tests/UserControllerTest.php
+++ b/tests/UserControllerTest.php
@ -173,7 +173,8 @@ class UserControllerTest extends TestCase
        // Too short current password
        $this->post('/user/profile', [
            'action' => 'password',
-            'current_password' => '1'
+            'current_password' => '1',
+            'new_password' => '12345678'
        ], [
            'X-Requested-With' => 'XMLHttpRequest'
        ])->seeJson([
@ -184,12 +185,13 @@ class UserControllerTest extends TestCase
        // Too long current password
        $this->post('/user/profile', [
            'action' => 'password',
-            'current_password' => str_random(17)
+            'current_password' => str_random(33),
+            'new_password' => '12345678'
        ], [
            'X-Requested-With' => 'XMLHttpRequest'
        ])->seeJson([
            'errno' => 1,
-            'msg' => trans('validation.max.string', ['attribute' => 'current password', 'max' => 16])
+            'msg' => trans('validation.max.string', ['attribute' => 'current password', 'max' => 32])
        ]);

        // Too short new password
@ -208,12 +210,12 @@ class UserControllerTest extends TestCase
        $this->post('/user/profile', [
            'action' => 'password',
            'current_password' => '12345678',
-            'new_password' => str_random(17)
+            'new_password' => str_random(33)
        ], [
            'X-Requested-With' => 'XMLHttpRequest'
        ])->seeJson([
            'errno' => 1,
-            'msg' => trans('validation.max.string', ['attribute' => 'new password', 'max' => 16])
+            'msg' => trans('validation.max.string', ['attribute' => 'new password', 'max' => 32])
        ]);

        // Wrong old password
@ -283,12 +285,12 @@ class UserControllerTest extends TestCase
        $this->post('/user/profile', [
            'action' => 'email',
            'new_email' => 'a@b.c',
-            'password' => str_random(17)
+            'password' => str_random(33)
        ], [
            'X-Requested-With' => 'XMLHttpRequest'
        ])->seeJson([
            'errno' => 1,
-            'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 16])
+            'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 32])
        ]);

        // Use a duplicated email
@ -356,12 +358,12 @@ class UserControllerTest extends TestCase
        // Too long current password
        $this->post('/user/profile', [
            'action' => 'delete',
-            'password' => str_random(17)
+            'password' => str_random(33)
        ], [
            'X-Requested-With' => 'XMLHttpRequest'
        ])->seeJson([
            'errno' => 1,
-            'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 16])
+            'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 32])
        ]);

        // Wrong password