Make password minimum requirements stronger#197
Conversation
tdonohue
left a comment
tdonohue
left a comment
There was a problem hiding this comment.
@Micheleboychuk : Gave this a review today alongside the implementation. Overall it looks good, but minor suggestions inline below.
| * 201 Created - if the operation succeed | ||
| * 400 Bad Request - if the email address didn't match the token or already exists. If the token doesn't exist or is expired | ||
| * 401 Unauthorized - if the token doesn't allow you to create this account | ||
| * 422 Unprocessable Entity - If password validation is enabled and the password of respects the rules configured in the regular expression |
There was a problem hiding this comment.
I think the text of this could be improved. Maybe say "If password validation is enabled, and the new password doesn't validate based on those rules. See [configuration name]" (Please replace the [configuration name] with the final name of the configuration... I didn't fill it out because I suggested it be renamed in my review here: DSpace/DSpace#8404 (review))
I think we also need to add this 422 exception to the Patch -> Add section in this same epersons.md as it's also possible this will be thrown when changing your password.
|
@Micheleboychuk : This PR still needs updates to align with the implementation PR DSpace/DSpace#8404 |
tdonohue
left a comment
tdonohue
left a comment
There was a problem hiding this comment.
👍 Thanks @Micheleboychuk . This looks good enough to me. However, I'll wait to merge it until the implementation PR is ready to merge (it just needs one more approval)
2 participants
Fixes: DSpace/DSpace#8254
REST: DSpace/DSpace#8404
Angular: DSpace/dspace-angular#1776