No validation on reset password page #89

medamineziraoui · 2021-03-08T10:01:41Z

When we try to populate the reset password page, if we leave the inputs empty or not identical password we don t get any error message

how to get to the page:
http://localhost:3000/account/amine+6@bearstudio.fr/password/bvoTW85Te2NCgyC4tPK11gONcH8qCF

Gregoire-Bearstudio · 2021-03-17T10:00:37Z

We encountered a few problems :

We can put the same current password
The same password reset link works several times
There is no form validation if we put less than the minimum number of characters in the password field
We can modify the email in the link to edit someone else's password. We can't change the password, but we should be redirected to the login page in that case
We send the password and the password confirmation. We only one of these, since the validation on the front-end side (one of the information is redundant, see image on "Requested payload")

Gregoire-Bearstudio · 2021-03-22T14:16:45Z

The previous problems are still unchanged, and need to be corrected (maybe another time, but we have to keep these in mind)

medamineziraoui · 2021-03-22T14:25:30Z

Close this issue, feedback are converted to another one
#166

medamineziraoui mentioned this issue Mar 8, 2021

Fix the unauthorized page to not connected user #88

Merged

medamineziraoui changed the title ~~Not validation on reset password page~~ No validation on reset password page Mar 8, 2021

medamineziraoui closed this as completed Mar 22, 2021

Provide feedback