From baac9766782fe77cfd0374a13ebb2e10e725321a Mon Sep 17 00:00:00 2001 From: Robin Munn Date: Thu, 14 Sep 2023 11:19:01 +0700 Subject: [PATCH 1/3] Improve password-checking regex Now that we've verified that only the three symbols &, +, and % cause problems in passwords submitted through Chorus, we can loosen the password rules to allow any character except those three. --- frontend/src/lib/forms/utils.ts | 2 +- frontend/src/lib/i18n/locales/en.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/frontend/src/lib/forms/utils.ts b/frontend/src/lib/forms/utils.ts index 106949e19..0af3f3cc6 100644 --- a/frontend/src/lib/forms/utils.ts +++ b/frontend/src/lib/forms/utils.ts @@ -15,5 +15,5 @@ export function tryParse(zodType: ZodType, value: T): ValidT export function passwordFormRules($t: Translater): z.ZodString { return z.string() .min(4, $t('form.password.too_short')) - .regex(/^[a-zA-Z0-9-]+$/, $t('form.password.allowed_characters')); + .regex(/^[^&%+]+$/, $t('form.password.forbidden_characters')); } diff --git a/frontend/src/lib/i18n/locales/en.json b/frontend/src/lib/i18n/locales/en.json index b126d25db..2ed1c63e6 100644 --- a/frontend/src/lib/i18n/locales/en.json +++ b/frontend/src/lib/i18n/locales/en.json @@ -309,7 +309,7 @@ the [Linguistics Institute at Payap University](https://li.payap.ac.th/) in Chia }, "form": { "password": { - "allowed_characters": "Only letters, numbers and dashes (-) are allowed", + "forbidden_characters": "The symbols & (ampersand), + (plus), and % (percent) can cause problems in passwords", "too_short": "Must be at least 4 characters" } } From 214e73d273efa32e14122e994ce36e94db4f3443 Mon Sep 17 00:00:00 2001 From: Robin Munn Date: Thu, 14 Sep 2023 15:34:04 +0700 Subject: [PATCH 2/3] Shorten error message --- frontend/src/lib/i18n/locales/en.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/src/lib/i18n/locales/en.json b/frontend/src/lib/i18n/locales/en.json index 2ed1c63e6..96cd06819 100644 --- a/frontend/src/lib/i18n/locales/en.json +++ b/frontend/src/lib/i18n/locales/en.json @@ -309,7 +309,7 @@ the [Linguistics Institute at Payap University](https://li.payap.ac.th/) in Chia }, "form": { "password": { - "forbidden_characters": "The symbols & (ampersand), + (plus), and % (percent) can cause problems in passwords", + "forbidden_characters": "The symbols &, +, and % can cause problems in passwords", "too_short": "Must be at least 4 characters" } } From 0b3c5b1bbecd6f85138b34c8d1039ee97eaf774d Mon Sep 17 00:00:00 2001 From: Kevin Hahn Date: Mon, 25 Sep 2023 11:41:07 +0700 Subject: [PATCH 3/3] change wording of forbidden chars error message --- frontend/src/lib/i18n/locales/en.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frontend/src/lib/i18n/locales/en.json b/frontend/src/lib/i18n/locales/en.json index 96cd06819..b1028ba08 100644 --- a/frontend/src/lib/i18n/locales/en.json +++ b/frontend/src/lib/i18n/locales/en.json @@ -309,7 +309,7 @@ the [Linguistics Institute at Payap University](https://li.payap.ac.th/) in Chia }, "form": { "password": { - "forbidden_characters": "The symbols &, +, and % can cause problems in passwords", + "forbidden_characters": "The symbols &, +, and % are not allowed in passwords", "too_short": "Must be at least 4 characters" } }