Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-01-01 21:30:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: login with weak password

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2019-12-26 20:17:54 -05:00
parent b9679df784
commit 9d074731f4
2 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/user/create.js
View File

@@ -127,7 +127,7 @@ module.exports = function (User) {
};
User.isPasswordValid = function (password, minStrength) {
minStrength = minStrength || meta.config.minimumPasswordStrength;
minStrength = (minStrength || minStrength === 0) ? minStrength : meta.config.minimumPasswordStrength;
// Sanity checks: Checks if defined and is string
if (!password || !utils.isPasswordValid(password)) {

15
test/user.js
View File

@@ -1519,7 +1519,7 @@ describe('User', function () {
it('should save user settings', function (done) {
var data = {
uid: 1,
uid: testUid,
settings: {
bootswatchSkin: 'default',
homePageRoute: 'none',
@@ -2191,4 +2191,17 @@ describe('User', function () {
done();
});
});
it('should allow user to login even if password is weak', function (done) {
User.create({ username: 'weakpwd', password: '123456' }, function (err) {
assert.ifError(err);
const oldValue = meta.config.minimumPasswordStrength;
meta.config.minimumPasswordStrength = 3;
helpers.loginUser('weakpwd', '123456', function (err, jar, csrfs_token) {
assert.ifError(err);
meta.config.minimumPasswordStrength = oldValue;
done();
});
});
});
});