From 1e312bf7ef7e119fa0f1bd3517d756ca013d5e79 Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Tue, 3 Nov 2020 11:42:42 -0500
Subject: [PATCH] fix: remove 'password-too-long' error message and all
 invocations

---
 public/language/en-GB/error.json           |  1 -
 public/src/client/account/edit/password.js |  2 --
 public/src/client/register.js              |  2 --
 public/src/client/reset_code.js            |  3 ---
 src/user/create.js                         |  4 ----
 test/authentication.js                     | 13 -------------
 test/user.js                               | 11 -----------
 7 files changed, 36 deletions(-)

diff --git a/public/language/en-GB/error.json b/public/language/en-GB/error.json
index 206e7bbf26..d3dc72d066 100644
--- a/public/language/en-GB/error.json
+++ b/public/language/en-GB/error.json
@@ -43,7 +43,6 @@
 
 	"username-too-short": "Username too short",
 	"username-too-long": "Username too long",
-	"password-too-long": "Password too long",
 	"reset-rate-limited": "Too many password reset requests (rate limited)",
 
 	"user-banned": "User banned",
diff --git a/public/src/client/account/edit/password.js b/public/src/client/account/edit/password.js
index 99b8cdde71..b9a1ab78cf 100644
--- a/public/src/client/account/edit/password.js
+++ b/public/src/client/account/edit/password.js
@@ -25,8 +25,6 @@ define('forum/account/edit/password', [
 			passwordvalid = false;
 			if (password.val().length < ajaxify.data.minimumPasswordLength) {
 				showError(password_notify, '[[reset_password:password_too_short]]');
-			} else if (password.val().length > 512) {
-				showError(password_notify, '[[error:password-too-long]]');
 			} else if (!utils.isPasswordValid(password.val())) {
 				showError(password_notify, '[[user:change_password_error]]');
 			} else if (password.val() === ajaxify.data.username) {
diff --git a/public/src/client/register.js b/public/src/client/register.js
index d2fca2b7f5..e2cc8d7bf4 100644
--- a/public/src/client/register.js
+++ b/public/src/client/register.js
@@ -184,8 +184,6 @@ define('forum/register', [
 
 		if (password.length < ajaxify.data.minimumPasswordLength) {
 			showError(password_notify, '[[reset_password:password_too_short]]');
-		} else if (password.length > 512) {
-			showError(password_notify, '[[error:password-too-long]]');
 		} else if (!utils.isPasswordValid(password)) {
 			showError(password_notify, '[[user:change_password_error]]');
 		} else if (password === $('#username').val()) {
diff --git a/public/src/client/reset_code.js b/public/src/client/reset_code.js
index 5a27b16978..89b2d71474 100644
--- a/public/src/client/reset_code.js
+++ b/public/src/client/reset_code.js
@@ -16,9 +16,6 @@ define('forum/reset_code', ['zxcvbn'], function (zxcvbn) {
 			if (password.val().length < ajaxify.data.minimumPasswordLength) {
 				$('#notice').removeClass('hidden');
 				$('#notice strong').translateText('[[reset_password:password_too_short]]');
-			} else if (password.val().length > 512) {
-				$('#notice').removeClass('hidden');
-				$('#notice strong').translateText('[[error:password-too-long]]');
 			} else if (password.val() !== repeat.val()) {
 				$('#notice').removeClass('hidden');
 				$('#notice strong').translateText('[[reset_password:passwords_do_not_match]]');
diff --git a/src/user/create.js b/src/user/create.js
index 5fb1c56ad8..ad308ef86d 100644
--- a/src/user/create.js
+++ b/src/user/create.js
@@ -169,10 +169,6 @@ module.exports = function (User) {
 			throw new Error('[[reset_password:password_too_short]]');
 		}
 
-		if (password.length > 512) {
-			throw new Error('[[error:password-too-long]]');
-		}
-
 		const strength = zxcvbn(password);
 		if (strength.score < minStrength) {
 			throw new Error('[[user:weak_password]]');
diff --git a/test/authentication.js b/test/authentication.js
index 6a1d255bac..885eda5274 100644
--- a/test/authentication.js
+++ b/test/authentication.js
@@ -316,19 +316,6 @@ describe('authentication', function () {
 		});
 	});
 
-	it('should fail to login if password is longer than 4096', function (done) {
-		var longPassword;
-		for (var i = 0; i < 5000; i++) {
-			longPassword += 'a';
-		}
-		loginUser('someuser', longPassword, function (err, response, body) {
-			assert.ifError(err);
-			assert.equal(response.statusCode, 403);
-			assert.equal(body, '[[error:password-too-long]]');
-			done();
-		});
-	});
-
 	it('should fail to login if local login is disabled', function (done) {
 		privileges.global.rescind(['groups:local:login'], 'registered-users', function (err) {
 			assert.ifError(err);
diff --git a/test/user.js b/test/user.js
index 101373316c..21e5604836 100644
--- a/test/user.js
+++ b/test/user.js
@@ -90,17 +90,6 @@ describe('User', function () {
 			});
 		});
 
-		it('should error with a too long password', function (done) {
-			var toolong = '';
-			for (var i = 0; i < 5000; i++) {
-				toolong += 'a';
-			}
-			User.create({ username: 'test', password: toolong }, function (err) {
-				assert.equal(err.message, '[[error:password-too-long]]');
-				done();
-			});
-		});
-
 		it('should error if username is already taken or rename user', async function () {
 			let err;
 			async function tryCreate(data) {