Adding a password length check to other API actions. (#1474)
* Adding a password length check to other API actions. - Fixes #1473 * Fixing comment.
This commit is contained in:
parent
e78ba38e94
commit
134fece36d
2 changed files with 15 additions and 4 deletions
|
@ -465,6 +465,15 @@ pub(crate) fn espeak_wav_base64(text: &str) -> Result<String, LemmyError> {
|
||||||
Ok(base64)
|
Ok(base64)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Checks the password length
|
||||||
|
pub(crate) fn password_length_check(pass: &str) -> Result<(), LemmyError> {
|
||||||
|
if pass.len() > 60 {
|
||||||
|
Err(ApiError::err("invalid_password").into())
|
||||||
|
} else {
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests {
|
mod tests {
|
||||||
use crate::captcha_espeak_wav_base64;
|
use crate::captcha_espeak_wav_base64;
|
||||||
|
|
|
@ -4,6 +4,7 @@ use crate::{
|
||||||
get_user_from_jwt,
|
get_user_from_jwt,
|
||||||
get_user_from_jwt_opt,
|
get_user_from_jwt_opt,
|
||||||
is_admin,
|
is_admin,
|
||||||
|
password_length_check,
|
||||||
Perform,
|
Perform,
|
||||||
};
|
};
|
||||||
use actix_web::web::Data;
|
use actix_web::web::Data;
|
||||||
|
@ -144,10 +145,7 @@ impl Perform for Register {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Password length check
|
password_length_check(&data.password)?;
|
||||||
if data.password.len() > 60 {
|
|
||||||
return Err(ApiError::err("invalid_password").into());
|
|
||||||
}
|
|
||||||
|
|
||||||
// Make sure passwords match
|
// Make sure passwords match
|
||||||
if data.password != data.password_verify {
|
if data.password != data.password_verify {
|
||||||
|
@ -390,6 +388,8 @@ impl Perform for SaveUserSettings {
|
||||||
Some(new_password) => {
|
Some(new_password) => {
|
||||||
match &data.new_password_verify {
|
match &data.new_password_verify {
|
||||||
Some(new_password_verify) => {
|
Some(new_password_verify) => {
|
||||||
|
password_length_check(&new_password)?;
|
||||||
|
|
||||||
// Make sure passwords match
|
// Make sure passwords match
|
||||||
if new_password != new_password_verify {
|
if new_password != new_password_verify {
|
||||||
return Err(ApiError::err("passwords_dont_match").into());
|
return Err(ApiError::err("passwords_dont_match").into());
|
||||||
|
@ -989,6 +989,8 @@ impl Perform for PasswordChange {
|
||||||
})
|
})
|
||||||
.await??;
|
.await??;
|
||||||
|
|
||||||
|
password_length_check(&data.password)?;
|
||||||
|
|
||||||
// Make sure passwords match
|
// Make sure passwords match
|
||||||
if data.password != data.password_verify {
|
if data.password != data.password_verify {
|
||||||
return Err(ApiError::err("passwords_dont_match").into());
|
return Err(ApiError::err("passwords_dont_match").into());
|
||||||
|
|
Loading…
Reference in a new issue