From da48fd84dcd4813abf640f919b122c41cb8e0928 Mon Sep 17 00:00:00 2001 From: printempw Date: Sat, 24 Feb 2018 16:05:07 +0800 Subject: [PATCH] Adjust allowed maximum password length to 32 --- app/Http/Controllers/AuthController.php | 6 +++--- resources/assets/src/js/__tests__/auth.test.js | 4 ++-- resources/assets/src/js/auth/register.js | 4 ++-- resources/lang/en/locale.js | 2 +- resources/lang/zh_CN/locale.js | 2 +- tests/AuthControllerTest.php | 14 +++++++------- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php index ed3df09e..f45deadd 100644 --- a/app/Http/Controllers/AuthController.php +++ b/app/Http/Controllers/AuthController.php @@ -28,7 +28,7 @@ class AuthController extends Controller { $this->validate($request, [ 'identification' => 'required', - 'password' => 'required|min:6|max:64' + 'password' => 'required|min:6|max:32' ]); $identification = $request->input('identification'); @@ -110,7 +110,7 @@ class AuthController extends Controller $this->validate($request, [ 'email' => 'required|email', - 'password' => 'required|min:8|max:16', + 'password' => 'required|min:8|max:32', 'nickname' => 'required|nickname|max:255' ]); @@ -267,7 +267,7 @@ class AuthController extends Controller { $this->validate($request, [ 'uid' => 'required|integer', - 'password' => 'required|min:8|max:16', + 'password' => 'required|min:8|max:32', 'token' => 'required', ]); diff --git a/resources/assets/src/js/__tests__/auth.test.js b/resources/assets/src/js/__tests__/auth.test.js index 7105b676..e5c23cf8 100644 --- a/resources/assets/src/js/__tests__/auth.test.js +++ b/resources/assets/src/js/__tests__/auth.test.js 
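Review bot: Lowering the login rule to `max:32` in the first hunk (`-28,7`) means a longer password is rejected by validation before the stored credential is checked, so any account whose password is 33–64 characters could no longer sign in. Registration and reset were capped at 16 until this commit, but other password-setting paths (profile change, admin edit, imports) are not visible here; confirm none of them allowed more than 32, or keep the login bound at the old `'password' => 'required|min:6|max:64'`. A login-side limit only needs to bound the work spent on hashing, so it can safely stay looser than the limit applied when a password is set. The method body continues outside the hunk.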
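Review bot: The new ceiling in the register rule (`-110,7`) and the identical reset rule (`-267,7`) is still only 32 characters, which rejects long passphrases and generated passwords; NIST SP 800-63B recommends accepting at least 64. If 32 is deliberate (for example to bound hashing input), record the reason next to the rule, e.g. `// max 32: <reason>`; otherwise consider `'password' => 'required|min:8|max:64'` in both places. Laravel's `max` also counts characters rather than bytes, so a 32-character multi-byte password can be well over 32 bytes, which matters if the configured hash truncates its input. Both validation arrays sit in methods that start and end outside their hunks.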
@@ -182,7 +182,7 @@ describe('tests for "register" module', () => { expect(showMsg).toBeCalledWith('auth.invalidPassword', 'warning'); expect($('#password').is(':focus')).toBe(true); - $('#password').val('too_long_password'); + $('#password').val('too_long_password_very_super_long'); $('#password').blur(); $('button').click(); expect(trans).toBeCalledWith('auth.invalidPassword'); @@ -372,7 +372,7 @@ describe('tests for "reset" module', () => { expect(showMsg).toBeCalledWith('auth.invalidPassword', 'warning'); expect($('#password').is(':focus')).toBe(true); - $('#password').val('too_long_password'); + $('#password').val('too_long_password_very_super_long'); $('#password').blur(); $('button').click(); expect(trans).toBeCalledWith('auth.invalidPassword'); diff --git a/resources/assets/src/js/auth/register.js b/resources/assets/src/js/auth/register.js index 4178715b..3fd1e442 100644 --- a/resources/assets/src/js/auth/register.js +++ b/resources/assets/src/js/auth/register.js @@ -4,7 +4,7 @@ $('#register-button').click(e => { e.preventDefault(); - + const data = { email: $('#email').val(), password: $('#password').val(), @@ -23,7 +23,7 @@ $('#register-button').click(e => { } else if (password === '') { showMsg(trans('auth.emptyPassword')); $('#password').focus(); - } else if (password.length < 8 || password.length > 16) { + } else if (password.length < 8 || password.length > 32) { showMsg(trans('auth.invalidPassword'), 'warning'); $('#password').focus(); } else if ($('#confirm-pwd').val() === '') { diff --git a/resources/lang/en/locale.js b/resources/lang/en/locale.js index 40665440..e65121d8 100644 --- a/resources/lang/en/locale.js +++ b/resources/lang/en/locale.js 
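Review bot: The only length case exercised in the register test (`-182,7`) and the reset test (`-372,7`) is a 33-character value that must be rejected, and the value it replaces was already too long for the old limit of 16, so these tests only confirm rejection and never confirm that the wider range is accepted. The commit touches `auth/register.js` but no reset script, so if the reset form carries its own `> 16` comparison it would still refuse 17–32 character passwords that the server now accepts, and this test would not notice. Add an acceptance case at the boundary in both modules, e.g. `$('#password').val('a'.repeat(32));` followed by an assertion that `auth.invalidPassword` is not shown. Both test bodies extend beyond the hunks.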
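Review bot: `password.length` in the changed condition of `register.js` (`-23,7`) counts UTF-16 code units, while the server-side `max:32` rule counts characters, so a password containing characters outside the BMP can be refused in the browser although the server would accept it. Counting code points keeps the two in step: `const len = [...password].length;` and then `len < 8 || len > 32`. The bounds are also repeated here as bare literals alongside the PHP rules and both locale strings; a comment such as `// keep in sync with AuthController validation rules` would help the next change. The click handler starts and ends outside the hunk.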
@@ -23,7 +23,7 @@ // Register emptyEmail: 'Empty email address.', invalidEmail: 'Invalid format of email address.', - invalidPassword: 'Invalid password. The length of password should between 8 and 16.', + invalidPassword: 'Invalid password. The length of password should between 8 and 32.', emptyConfirmPwd: 'Empty confirming password.', invalidConfirmPwd: 'Confirming password is not equal with password.', emptyNickname: 'Empty nickname.', diff --git a/resources/lang/zh_CN/locale.js b/resources/lang/zh_CN/locale.js index 860aa3ef..d987e22d 100644 --- a/resources/lang/zh_CN/locale.js +++ b/resources/lang/zh_CN/locale.js @@ -23,7 +23,7 @@ // Register emptyEmail: '你还没有填写邮箱哦', invalidEmail: '邮箱格式不正确!', - invalidPassword: '无效的密码。密码长度应该大于 8 并小于 16。', + invalidPassword: '无效的密码。密码长度应该大于 8 并小于 32。', emptyConfirmPwd: '确认密码不能为空', invalidConfirmPwd: '密码和确认的密码不一样诶?', emptyNickname: '你还没有填写昵称哦', diff --git a/tests/AuthControllerTest.php b/tests/AuthControllerTest.php index be8b0313..26f10a45 100644 --- a/tests/AuthControllerTest.php +++ b/tests/AuthControllerTest.php @@ -62,7 +62,7 @@ class AuthControllerTest extends TestCase 'msg' => trans('validation.min.string', ['attribute' => 'password', 'min' => 6]) ]); - // Should return a warning if length of `password` is greater than 64 + // Should return a warning if length of `password` is greater than 32 $this->post( '/auth/login', [ 'identification' => $user->email, @@ -71,7 +71,7 @@ class AuthControllerTest extends TestCase 'X-Requested-With' => 'XMLHttpRequest' ])->seeJson([ 'errno' => 1, - 'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 64]) + 'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 32]) ]); $this->flushSession(); 
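Review bot: In the login test of `tests/AuthControllerTest.php` only the comment (`-62,7`) and the expected message (`-71,7`) change; the password actually posted sits on the unchanged lines between the two hunks and is not visible here. If it is still sized for the old limit (presumably `str_random(65)`), the test passes but never probes the new boundary, so it could not tell `max:32` from `max:33` or a typo such as `max:23`. Send `'password' => str_random(33)` as the register and reset cases (`-255,18`, `-634,12`) now do, and consider a companion case asserting that a 32-character password passes validation.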
@@ -255,18 +255,18 @@ class AuthControllerTest extends TestCase 'msg' => trans('validation.min.string', ['attribute' => 'password', 'min' => 8]) ]); - // Should return a warning if length of `password` is greater than 16 + // Should return a warning if length of `password` is greater than 32 $this->post( '/auth/register', [ 'email' => 'a@b.c', - 'password' => str_random(17), + 'password' => str_random(33), 'captcha' => 'a' ], ['X-Requested-With' => 'XMLHttpRequest'] )->seeJson([ 'errno' => 1, - 'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 16]) + 'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 32]) ]); // Should return a warning if `nickname` is empty @@ -634,12 +634,12 @@ class AuthControllerTest extends TestCase $this->post( '/auth/reset', [ 'uid' => $user->uid, - 'password' => str_random(17) + 'password' => str_random(33) ], [ 'X-Requested-With' => 'XMLHttpRequest' ])->seeJson([ 'errno' => 1, - 'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 16]) + 'msg' => trans('validation.max.string', ['attribute' => 'password', 'max' => 32]) ]); // Should be forbidden if `token` is missing