OpenSourceArk/Ghost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
8f2dc2ff02
Ghost/ghost/admin/tests
History
Aileen Nowak 8f2dc2ff02 Match client-side password validation to new server-side rules (#899) 
refs TryGhost/Ghost#9150

- added a new validator for password validations that will take care of the rules client side
- Passwort rules added:
   - Disallow obviously bad passwords: 1234567890, qwertyuiop, asdfghjkl; and asdfghjklm
   - Disallow passwords that contain the words "password" or "ghost"
   - Disallow passwords that match the user's email address
   - Disallow passwords that match the blog domain or blog title
   - Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example.
- When changing the own password, the old password is not affected by the new validations
- Validation are running on
   - setup
   - signup
   - password change in Team - User (only new passwords are validated)
   - passwort reset
2017-10-26 11:02:17 +01:00
..
acceptance Match client-side password validation to new server-side rules (#899) 2017-10-26 11:02:17 +01:00
helpers Removed defunct Ghost OAuth code (#848) 2017-09-04 21:17:04 +02:00
integration Custom Post Templates UI (#878) 2017-10-10 14:26:19 +02:00
unit Match client-side password validation to new server-side rules (#899) 2017-10-26 11:02:17 +01:00
.eslintrc.js new publish menu and date/time picker (#588) 2017-04-11 14:39:45 +01:00
index.html Fetch config from endpoint rather than meta tags (#368) 2016-10-28 14:07:50 +01:00
test-helper.js Update code to match eslint rules 2016-11-14 13:26:00 +00:00