Merge branch '1.5.x' into fix-limit-failed-webhook-attempts
This commit is contained in:
commit
cfca9f232c
6 changed files with 63 additions and 18 deletions
|
@ -69,7 +69,7 @@ App::post('/v1/account')
|
|||
->label('abuse-limit', 10)
|
||||
->param('userId', '', new CustomId(), 'Unique Id. Choose a custom ID or generate a random ID with `ID.unique()`. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
|
||||
->param('email', '', new Email(), 'User email.')
|
||||
->param('password', '', fn ($project, $passwordsDictionary) => new PasswordDictionary($passwordsDictionary, $project->getAttribute('auths', [])['passwordDictionary'] ?? false), 'New user password. Must be at least 8 chars.', false, ['project', 'passwordsDictionary'])
|
||||
->param('password', '', fn ($project, $passwordsDictionary) => new PasswordDictionary($passwordsDictionary, $project->getAttribute('auths', [])['passwordDictionary'] ?? false), 'New user password. Must be between 8 and 256 chars.', false, ['project', 'passwordsDictionary'])
|
||||
->param('name', '', new Text(128), 'User name. Max length: 128 chars.', true)
|
||||
->inject('request')
|
||||
->inject('response')
|
||||
|
@ -2724,8 +2724,8 @@ App::put('/v1/account/recovery')
|
|||
->label('abuse-key', 'url:{url},userId:{param-userId}')
|
||||
->param('userId', '', new UID(), 'User ID.')
|
||||
->param('secret', '', new Text(256), 'Valid reset token.')
|
||||
->param('password', '', new Password(), 'New user password. Must be at least 8 chars.')
|
||||
->param('passwordAgain', '', new Password(), 'Repeat new user password. Must be at least 8 chars.')
|
||||
->param('password', '', fn ($project, $passwordsDictionary) => new PasswordDictionary($passwordsDictionary, $project->getAttribute('auths', [])['passwordDictionary'] ?? false), 'New user password. Must be between 8 and 256 chars.', false, ['project', 'passwordsDictionary'])
|
||||
->param('passwordAgain', '', fn ($project, $passwordsDictionary) => new PasswordDictionary($passwordsDictionary, $project->getAttribute('auths', [])['passwordDictionary'] ?? false), 'Repeat new user password. Must be between 8 and 256 chars.', false, ['project', 'passwordsDictionary'])
|
||||
->inject('response')
|
||||
->inject('user')
|
||||
->inject('dbForProject')
|
||||
|
|
26
composer.lock
generated
26
composer.lock
generated
|
@ -1906,16 +1906,16 @@
|
|||
},
|
||||
{
|
||||
"name": "utopia-php/database",
|
||||
"version": "0.45.2",
|
||||
"version": "0.45.3",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/utopia-php/database.git",
|
||||
"reference": "dc789f2c1fd8b5ee07ff883e11c9ad7970824788"
|
||||
"reference": "33b4e9a4a6c29f6bb7e108e134b283d585955789"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/utopia-php/database/zipball/dc789f2c1fd8b5ee07ff883e11c9ad7970824788",
|
||||
"reference": "dc789f2c1fd8b5ee07ff883e11c9ad7970824788",
|
||||
"url": "https://api.github.com/repos/utopia-php/database/zipball/33b4e9a4a6c29f6bb7e108e134b283d585955789",
|
||||
"reference": "33b4e9a4a6c29f6bb7e108e134b283d585955789",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
|
@ -1956,9 +1956,9 @@
|
|||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/utopia-php/database/issues",
|
||||
"source": "https://github.com/utopia-php/database/tree/0.45.2"
|
||||
"source": "https://github.com/utopia-php/database/tree/0.45.3"
|
||||
},
|
||||
"time": "2023-11-15T03:38:47+00:00"
|
||||
"time": "2023-12-28T11:12:26+00:00"
|
||||
},
|
||||
{
|
||||
"name": "utopia-php/domains",
|
||||
|
@ -2742,16 +2742,16 @@
|
|||
},
|
||||
{
|
||||
"name": "utopia-php/storage",
|
||||
"version": "0.18.1",
|
||||
"version": "0.18.3",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/utopia-php/storage.git",
|
||||
"reference": "983e6dee137012f9f57f126d3c79aab54e4e8824"
|
||||
"reference": "faa0279519ac14f3501e8b138e0865ad9d12bff6"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/utopia-php/storage/zipball/983e6dee137012f9f57f126d3c79aab54e4e8824",
|
||||
"reference": "983e6dee137012f9f57f126d3c79aab54e4e8824",
|
||||
"url": "https://api.github.com/repos/utopia-php/storage/zipball/faa0279519ac14f3501e8b138e0865ad9d12bff6",
|
||||
"reference": "faa0279519ac14f3501e8b138e0865ad9d12bff6",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
|
@ -2791,9 +2791,9 @@
|
|||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/utopia-php/storage/issues",
|
||||
"source": "https://github.com/utopia-php/storage/tree/0.18.1"
|
||||
"source": "https://github.com/utopia-php/storage/tree/0.18.3"
|
||||
},
|
||||
"time": "2023-10-24T14:44:19+00:00"
|
||||
"time": "2023-12-31T11:45:12+00:00"
|
||||
},
|
||||
{
|
||||
"name": "utopia-php/swoole",
|
||||
|
@ -5847,5 +5847,5 @@
|
|||
"platform-overrides": {
|
||||
"php": "8.0"
|
||||
},
|
||||
"plugin-api-version": "2.3.0"
|
||||
"plugin-api-version": "2.6.0"
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@ class Password extends Validator
|
|||
*/
|
||||
public function getDescription(): string
|
||||
{
|
||||
return 'Password must be at least 8 characters';
|
||||
return 'Password must be between 8 and 256 characters long.';
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -40,6 +40,10 @@ class Password extends Validator
|
|||
return false;
|
||||
}
|
||||
|
||||
if (\strlen($value) > 256) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ class PasswordDictionary extends Password
|
|||
*/
|
||||
public function getDescription(): string
|
||||
{
|
||||
return 'Password must be at least 8 characters and should not be one of the commonly used password.';
|
||||
return 'Password must be between 8 and 265 characters long, and should not be one of the commonly used password.';
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
@ -94,6 +94,36 @@ trait AccountBase
|
|||
|
||||
$this->assertEquals($response['headers']['status-code'], 400);
|
||||
|
||||
$shortPassword = 'short';
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'userId' => ID::unique(),
|
||||
'email' => 'shortpass@appwrite.io',
|
||||
'password' => $shortPassword
|
||||
]);
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 400);
|
||||
|
||||
$longPassword = '';
|
||||
for ($i = 0; $i < 257; $i++) { // 256 is the limit
|
||||
$longPassword .= 'p';
|
||||
}
|
||||
|
||||
$response = $this->client->call(Client::METHOD_POST, '/account', array_merge([
|
||||
'origin' => 'http://localhost',
|
||||
'content-type' => 'application/json',
|
||||
'x-appwrite-project' => $this->getProject()['$id'],
|
||||
]), [
|
||||
'userId' => ID::unique(),
|
||||
'email' => 'longpass@appwrite.io',
|
||||
'password' => $longPassword,
|
||||
]);
|
||||
|
||||
$this->assertEquals($response['headers']['status-code'], 400);
|
||||
|
||||
return [
|
||||
'id' => $id,
|
||||
'email' => $email,
|
||||
|
|
|
@ -24,5 +24,16 @@ class PasswordDictionaryTest extends TestCase
|
|||
$this->assertEquals($this->object->isValid('123456'), false);
|
||||
$this->assertEquals($this->object->isValid('password'), false);
|
||||
$this->assertEquals($this->object->isValid('myPasswordIsRight'), true);
|
||||
|
||||
$pass = ''; // 256 chars
|
||||
for ($i = 0; $i < 256; $i++) {
|
||||
$pass .= 'p';
|
||||
}
|
||||
|
||||
$this->assertEquals($this->object->isValid($pass), true);
|
||||
|
||||
$pass .= 'p'; // 257 chars
|
||||
|
||||
$this->assertEquals($this->object->isValid($pass), false);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue