Allow longer passwords (#923)

This commit is contained in:
kidhab 2022-02-16 18:13:08 +01:00 committed by GitHub
parent daccf91ab6
commit 64ab699047
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 11 deletions

View file

@ -33,7 +33,7 @@ class User < ApplicationRecord
validates_presence_of :first_name # for simple_form validations validates_presence_of :first_name # for simple_form validations
validates_length_of :first_name, :in => 2..50 validates_length_of :first_name, :in => 2..50
validates_confirmation_of :password validates_confirmation_of :password
validates_length_of :password, :in => 5..25, :allow_blank => true validates_length_of :password, :in => 12..50, :allow_blank => true
# allow nick to be nil depending on foodcoop config # allow nick to be nil depending on foodcoop config
# TODO Rails 4 may have a more beautiful way # TODO Rails 4 may have a more beautiful way
# http://stackoverflow.com/questions/19845910/conditional-allow-nil-part-of-validation # http://stackoverflow.com/questions/19845910/conditional-allow-nil-part-of-validation
@ -132,7 +132,7 @@ class User < ApplicationRecord
end end
# Returns a random password. # Returns a random password.
def new_random_password(size = 3) def new_random_password(size = 6)
c = %w(b c d f g h j k l m n p qu r s t v w x z ch cr fr nd ng nk nt ph pr rd sh sl sp st th tr) c = %w(b c d f g h j k l m n p qu r s t v w x z ch cr fr nd ng nk nt ph pr rd sh sl sp st th tr)
v = %w(a e i o u y) v = %w(a e i o u y)
f, r = true, '' f, r = true, ''

View file

@ -23,28 +23,28 @@ describe User do
end end
describe do describe do
let(:user) { create :user, password: 'blahblah' } let(:user) { create :user, password: 'blahblahblah' }
it 'can authenticate with correct password' do it 'can authenticate with correct password' do
expect(User.authenticate(user.nick, 'blahblah')).to be_truthy expect(User.authenticate(user.nick, 'blahblahblah')).to be_truthy
end end
it 'can not authenticate with incorrect password' do it 'can not authenticate with incorrect password' do
expect(User.authenticate(user.nick, 'foobar')).to be_nil expect(User.authenticate(user.nick, 'foobar')).to be_nil
end end
it 'can not authenticate with nil nick' do it 'can not authenticate with nil nick' do
expect(User.authenticate(nil, 'blahblah')).to be_nil expect(User.authenticate(nil, 'blahblahblah')).to be_nil
end end
it 'can not authenticate with nil password' do it 'can not authenticate with nil password' do
expect(User.authenticate(user.nick, nil)).to be_nil expect(User.authenticate(user.nick, nil)).to be_nil
end end
it 'can not set a password without matching confirmation' do it 'can not set a password without matching confirmation' do
user.password = 'abcdefghij' user.password = 'abcdefghijkl'
user.password_confirmation = 'foobarxyz' user.password_confirmation = 'foobaruvwxyz'
expect(user).to be_invalid expect(user).to be_invalid
end end
it 'can set a password with matching confirmation' do it 'can set a password with matching confirmation' do
user.password = 'abcdefghij' user.password = 'abcdefghijkl'
user.password_confirmation = 'abcdefghij' user.password_confirmation = 'abcdefghijkl'
expect(user).to be_valid expect(user).to be_valid
end end
@ -56,13 +56,13 @@ describe User do
end end
it 'can authenticate using email address' do it 'can authenticate using email address' do
expect(User.authenticate(user.email, 'blahblah')).to be_truthy expect(User.authenticate(user.email, 'blahblahblah')).to be_truthy
end end
it 'can authenticate when there is no nick' do it 'can authenticate when there is no nick' do
user.nick = nil user.nick = nil
expect(user).to be_valid expect(user).to be_valid
expect(User.authenticate(user.email, 'blahblah')).to be_truthy expect(User.authenticate(user.email, 'blahblahblah')).to be_truthy
end end
end end