Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Password length? #22

Open
pavelmgn opened this issue Aug 24, 2022 · 3 comments
Open

Password length? #22

pavelmgn opened this issue Aug 24, 2022 · 3 comments
Labels
Type: Question

Comments

@pavelmgn
Copy link
Contributor

pavelmgn commented Aug 24, 2022
edited
Loading

Hi. The documentation says:

Password length requirements
By default, the User plugin requires a minimum password length of 8 characters for all users when registering or changing their password. You can change this length requirement by going to backend and navigating to System > Users > User Settings. Inside the Registration tab, a Minimum password length field is provided, allowing you to increase or decrease this limit to your preferred length.

There are no fields on the registration tab that set the minimum number. But minimun length i find in config.php.
User model has rules. And validation has nothing to do with the config

 'password' => 'required:create|between:8,255|confirmed',

image

fields.yaml in settings model:

# ===================================
#  Field Definitions
# ===================================

tabs:
    fields:
        # Throttle Sign In
        use_throttle:
            span: left
            label: winter.user::lang.settings.use_throttle
            comment: winter.user::lang.settings.use_throttle_comment
            type: switch
            tab: winter.user::lang.settings.signin_tab

        # Prevent concurrent sessions
        block_persistence:
            span: right
            label: winter.user::lang.settings.block_persistence
            comment: winter.user::lang.settings.block_persistence_comment
            type: switch
            tab: winter.user::lang.settings.signin_tab

        # Login Attribute
        login_attribute:
            span: left
            label: winter.user::lang.settings.login_attribute
            commentAbove: winter.user::lang.settings.login_attribute_comment
            type: radio
            tab: winter.user::lang.settings.signin_tab

        # Remeber Login Mode
        remember_login:
            span: right
            label: winter.user::lang.settings.remember_login
            commentAbove: winter.user::lang.settings.remember_login_comment
            type: radio
            tab: winter.user::lang.settings.signin_tab

        # Require Activation
        allow_registration:
            span: left
            label: winter.user::lang.settings.allow_registration
            comment: winter.user::lang.settings.allow_registration_comment
            type: switch
            tab: winter.user::lang.settings.registration_tab

        # Enable registration throttling
        use_register_throttle:
            span: right
            label: winter.user::lang.settings.use_register_throttle
            comment: winter.user::lang.settings.use_register_throttle_comment
            type: switch
            tab: winter.user::lang.settings.registration_tab

        # Require Activation
        require_activation:
            span: left
            label: winter.user::lang.settings.require_activation
            comment: winter.user::lang.settings.require_activation_comment
            type: switch
            tab: winter.user::lang.settings.activation_tab

        # Activation Mode
        activate_mode:
            span: left
            commentAbove: winter.user::lang.settings.activate_mode_comment
            label: winter.user::lang.settings.activate_mode
            type: radio
            tab: winter.user::lang.settings.activation_tab

User modal also has method :

public static function getMinPasswordLength()
    {
        return Config::get('winter.user::minPasswordLength', 8);
    }

use only on reset password and signin.

image

upd:
Sorry I didn't see beforeValidate method where change rules with minLength from config.
But its not work beacuse validation rules in onRegister method in Account component take rules from property, before beforeValidate.

image

If I'm wrong, I apologize
@bennothommo
Copy link
Member

@pavelmgn there was a setting in the backend to change it, even back in October (around the time of this commit d090069), but then the October founders removed it (243ab40) and converted it to a config file, but likely forgot to remove the mention from the README.

So, you're not wrong :)

@pavelmgn
Copy link
Contributor Author

pavelmgn commented Sep 3, 2022
edited
Loading

@bennothommo And what about the Account component? Does its validation check on the onRegister method not take settings from the config file? There validation rules are taken only from the property "rules", and the configuration from the config affects only the beforeValidate in the model? In the component, validation is separate.

wn-user-plugin/components/Account.php

Line 289 in de82b9a

$rules = (new UserModel)->rules;

minimum symbols not takes from config

@pavelmgn pavelmgn mentioned this issue Sep 4, 2022
Merged
@pavelmgn
Copy link
Contributor Author

pavelmgn commented Sep 4, 2022

#23

But need change Account component for validation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Type: Question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@LukeTowers @pavelmgn @bennothommo