Adding a password length check to other API actions. (#1474)
* Adding a password length check to other API actions. - Fixes #1473 * Fixing comment.
This commit is contained in:
parent
e78ba38e94
commit
134fece36d
2 changed files with 15 additions and 4 deletions
|
@ -465,6 +465,15 @@ pub(crate) fn espeak_wav_base64(text: &str) -> Result<String, LemmyError> {
|
|||
Ok(base64)
|
||||
}
|
||||
|
||||
/// Checks the password length
|
||||
pub(crate) fn password_length_check(pass: &str) -> Result<(), LemmyError> {
|
||||
if pass.len() > 60 {
|
||||
Err(ApiError::err("invalid_password").into())
|
||||
} else {
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use crate::captcha_espeak_wav_base64;
|
||||
|
|
|
@ -4,6 +4,7 @@ use crate::{
|
|||
get_user_from_jwt,
|
||||
get_user_from_jwt_opt,
|
||||
is_admin,
|
||||
password_length_check,
|
||||
Perform,
|
||||
};
|
||||
use actix_web::web::Data;
|
||||
|
@ -144,10 +145,7 @@ impl Perform for Register {
|
|||
}
|
||||
}
|
||||
|
||||
// Password length check
|
||||
if data.password.len() > 60 {
|
||||
return Err(ApiError::err("invalid_password").into());
|
||||
}
|
||||
password_length_check(&data.password)?;
|
||||
|
||||
// Make sure passwords match
|
||||
if data.password != data.password_verify {
|
||||
|
@ -390,6 +388,8 @@ impl Perform for SaveUserSettings {
|
|||
Some(new_password) => {
|
||||
match &data.new_password_verify {
|
||||
Some(new_password_verify) => {
|
||||
password_length_check(&new_password)?;
|
||||
|
||||
// Make sure passwords match
|
||||
if new_password != new_password_verify {
|
||||
return Err(ApiError::err("passwords_dont_match").into());
|
||||
|
@ -989,6 +989,8 @@ impl Perform for PasswordChange {
|
|||
})
|
||||
.await??;
|
||||
|
||||
password_length_check(&data.password)?;
|
||||
|
||||
// Make sure passwords match
|
||||
if data.password != data.password_verify {
|
||||
return Err(ApiError::err("passwords_dont_match").into());
|
||||
|
|
Loading…
Reference in a new issue