repobase/repobase
1
0
Fork 0
Code Issues 8 Pull requests Projects 1 Releases Packages Wiki Activity Actions 4

Fix missing password length check when change password (#3039)

Browse source 
* fix missing password length check when change password

* add tests for change password
This commit is contained in:
Lunny Xiao 2017-12-03 01:11:22 +08:00 committed by Lauris BH
parent 35cc5b0402
commit b3d5ba6f90
3 changed files with 74 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
routers/user/setting.go
View file

@ -222,7 +222,9 @@ func SettingsSecurityPost(ctx *context.Context, form auth.ChangePasswordForm) {
return
}
if ctx.User.IsPasswordSet() && !ctx.User.ValidatePassword(form.OldPassword) {
if len(form.Password) < setting.MinPasswordLength {
ctx.Flash.Error(ctx.Tr("auth.password_too_short", setting.MinPasswordLength))
} else if ctx.User.IsPasswordSet() && !ctx.User.ValidatePassword(form.OldPassword) {
ctx.Flash.Error(ctx.Tr("settings.password_incorrect"))
} else if form.Password != form.Retype {
ctx.Flash.Error(ctx.Tr("form.password_not_match"))