From 5609db3545cadaf01299d96b7a95c6b92b939a1f Mon Sep 17 00:00:00 2001 From: Adria Navarro Date: Tue, 2 Jan 2024 15:16:09 +0100 Subject: [PATCH] Add max limit --- packages/backend-core/src/security/auth.ts | 8 ++++++++ packages/backend-core/src/security/tests/auth.spec.ts | 11 +++++++++++ 2 files changed, 19 insertions(+) diff --git a/packages/backend-core/src/security/auth.ts b/packages/backend-core/src/security/auth.ts index 2488d67654..3bcecd9e11 100644 --- a/packages/backend-core/src/security/auth.ts +++ b/packages/backend-core/src/security/auth.ts @@ -1,4 +1,5 @@ const MIN_LENGTH = 8 +const MAX_LENGTH = 100 export function validatePassword( password: string @@ -10,5 +11,12 @@ export function validatePassword( } } + if (password.length > MAX_LENGTH) { + return { + valid: false, + error: "Password invalid. Maximum hundred characters.", + } + } + return { valid: true } } diff --git a/packages/backend-core/src/security/tests/auth.spec.ts b/packages/backend-core/src/security/tests/auth.spec.ts index c72310da24..7be049ae1a 100644 --- a/packages/backend-core/src/security/tests/auth.spec.ts +++ b/packages/backend-core/src/security/tests/auth.spec.ts @@ -1,3 +1,4 @@ +import { generator } from "../../../tests" import { validatePassword } from "../auth" describe("auth", () => { @@ -16,5 +17,15 @@ describe("auth", () => { error: "Password invalid. Minimum eight characters.", }) }) + + it.each([ + generator.word({ length: 101 }), + generator.paragraph().substring(0, 101), + ])("limit password length", password => { + expect(validatePassword(password as string)).toEqual({ + valid: false, + error: "Password invalid. Maximum hundred characters.", + }) + }) }) })