Skip to content

Commit

Permalink
added password length check to user password validation method
Browse files Browse the repository at this point in the history
  • Loading branch information
albogdano committed Nov 26, 2023
1 parent 8028739 commit fb62068
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion para-core/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.12.0</version>
<version>3.13.0</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
Expand Down
2 changes: 1 addition & 1 deletion para-core/src/main/java/com/erudika/para/core/User.java
Original file line number Diff line number Diff line change
Expand Up @@ -718,7 +718,7 @@ public static final boolean passwordMatches(User u) throws LimitExceededExceptio
}
String password = u.getPassword();
String identifier = u.getIdentifier();
if (StringUtils.isBlank(password) || StringUtils.isBlank(identifier)) {
if (StringUtils.isBlank(password) || StringUtils.isBlank(identifier) || password.length() > MAX_PASSWORD_LENGTH) {
return false;
}
ParaObject s = CoreUtils.getInstance().getDao().read(u.getAppid(), identifier);
Expand Down

0 comments on commit fb62068

Please sign in to comment.