Minimum password length + Static Pages fixes #11474
Conversation
| return this.password.length >= MINIMUM_PASSWORD_LENGTH; | ||
| }, | ||
| passwordInvalid () { | ||
| if (this.password.length <= 0) return false; |
There was a problem hiding this comment.
Is this <=0 line correct? Doesn't it mean that passwordInvalid will be false (i.e., password will be considered valid) if the length is 0 or less?
Are this line and also line 864 needed at all? I think the checks against MINIMUM_PASSWORD_LENGTH will handle all the cases.
There was a problem hiding this comment.
Is this <=0 line correct? Doesn't it mean that passwordInvalid will be false (i.e., password will be considered valid) if the length is 0 or less?
The idea here is (taken from other fields) not to show the error class until the user has typed something int to field
| passwordInvalid () { | ||
| if (this.password.length <= 0) return false; | ||
| return this.password.length < MINIMUM_PASSWORD_LENGTH; | ||
| }, | ||
| passwordConfirmValid () { | ||
| if (this.passwordConfirm.length <= 3) return false; |
There was a problem hiding this comment.
Should this be changed to 8 or the whole line deleted? I don't think a length check is needed here because the only important check is that the password confirm value is the same as the password value (and we're already checking length for the password).
Same for passwordConfirmInvalid below.
There was a problem hiding this comment.
The <= 3 was a previous check that I think was supposed not to show the error until the user has typed at least 3 characters, which I feel like makes sense from an UX perspective but I'm not 100% sure
paglias
changed the title
paglias
added
status: pr: merged in develop; deploy pending
and removed
status: pr: in QA
status: pr: ready for review
labels
Enforce a minimum password length of 8 characters.