From 1396fb03260c9793be019f95386996649195a0a2 Mon Sep 17 00:00:00 2001
From: VLE2FE
Date: Fri, 7 Aug 2020 10:54:01 +0200
Subject: [PATCH] changed password policy

---
 src/routes/user.spec.ts | 8 ++++----
 src/routes/validate/user.ts | 5 ++---
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/src/routes/user.spec.ts b/src/routes/user.spec.ts
index 710ee0a..4a501e3 100644
--- a/src/routes/user.spec.ts
+++ b/src/routes/user.spec.ts
@@ -303,8 +303,8 @@ describe('/user', () => {
 url: '/user',
 auth: {basic: 'admin'},
 httpStatus: 400,
- req: {pass: 'password'},
- res: {status: 'Invalid body format', details: 'password must have at least 8 characters, one uppercase and one lowercase character, one number and at least one of the following characters: !\"\\#%&\'()*+,-.\\/:;<=>?@[]^_`\u0000|}~'}
+ req: {pass: 'pass'},
+ res: {status: 'Invalid body format', details: '"pass" length must be at least 8 characters long'}
 });
 });
 it('rejects requests from non-admins for another user', done => {
@@ -585,8 +585,8 @@ describe('/user', () => {
 url: '/user/new',
 auth: {basic: 'admin'},
 httpStatus: 400,
- req: {email: 'john.doe@bosch.com', name: 'johndoe', pass: 'password', level: 'read', location: 'Rng', devices: ['Alpha II']},
- res: {status: 'Invalid body format', details: 'password must have at least 8 characters, one uppercase and one lowercase character, one number and at least one of the following characters: !\"\\#%&\'()*+,-.\\/:;<=>?@[]^_`\u0000|}~'}
+ req: {email: 'john.doe@bosch.com', name: 'johndoe', pass: 'pass', level: 'read', location: 'Rng', devices: ['Alpha II']},
+ res: {status: 'Invalid body format', details: '"pass" length must be at least 8 characters long'}
 });
 });
 it('rejects requests from non-admins', done => {
diff --git a/src/routes/validate/user.ts b/src/routes/validate/user.ts
index f049fd4..f25e492 100644
--- a/src/routes/validate/user.ts
+++ b/src/routes/validate/user.ts
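Review bot: Both rejection cases in user.spec.ts (the `/user` case at line 303 and the `/user/new` case at line 585) now send the 4-character `pass`, so the spec no longer exercises anything close to the boundary of the new rule. The old fixture `pass: 'password'` is exactly the input whose outcome this commit flips, and no visible case records that it is now accepted, nor that a value longer than 128 characters is still rejected. I would add one case per side, e.g. `req: {pass: 'password'}` with the success status and a 129-character value with `httpStatus: 400`, so the policy is pinned by the tests rather than implied. Both `it(...)` blocks start outside the hunks, so the request helper and its other fields are not visible here.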
@@ -17,9 +17,8 @@ export default class UserValidate { // validate input for user .max(128), pass: Joi.string() - .pattern(/^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[!"#%&'()*+,-.\/:;<=>?@[\]^_`{|}~])(?=\S+$)[a-zA-Z0-9!"#%&'()*+,\-.\/:;<=>?@[\]^_`{|}~]{8,}$/) - .max(128) - .messages({'string.pattern.base': 'password must have at least 8 characters, one uppercase and one lowercase character, one number and at least one of the following characters: !"\\#%&\'()*+,-.\\/:;<=>?@[]^_`\\{|}~'}), + .min(8) + .max(128), level: Joi.string() .valid(...globals.levels),
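Review bot: With only `.min(8)` and `.max(128)` left on `pass`, the validator now accepts values such as `password` or `12345678` that the removed pattern rejected, and nothing visible in this hunk screens for them. Dropping composition rules is defensible, but it is normally paired with a check against a list of common or breached passwords; in Joi that can be as small as appending `.invalid(...COMMON_PASSWORDS)` to the chain, where `COMMON_PASSWORDS` is a placeholder for a list the project would have to supply. The removed pattern also restricted the character set and excluded whitespace, so any character is now allowed; whether the hashing and login code handle that consistently cannot be seen from here. A comment on the field such as `// length-only policy by design: no composition rules` would record the intent for the next reader. The class body starts and ends outside the hunk.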