From eefca9b10befea30fdc34117115f34221f2728a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Fri, 27 Aug 2021 07:32:09 +0200 Subject: [PATCH] Validate bytes only afterwards --- .../phx_gettext/en/LC_MESSAGES/errors.po | 27 ++++++++++++++----- lib/mix/tasks/phx.gen.auth/hashing_library.ex | 5 +++- priv/templates/phx.gen.auth/schema.ex | 5 ++-- 3 files changed, 28 insertions(+), 9 deletions(-) diff --git a/installer/templates/phx_gettext/en/LC_MESSAGES/errors.po b/installer/templates/phx_gettext/en/LC_MESSAGES/errors.po index 73c625e28c..2b38fbd9bc 100644 --- a/installer/templates/phx_gettext/en/LC_MESSAGES/errors.po +++ b/installer/templates/phx_gettext/en/LC_MESSAGES/errors.po @@ -50,13 +50,23 @@ msgid "are still associated with this entry" msgstr "" ## From Ecto.Changeset.validate_length/3 +msgid "should have %{count} item(s)" +msgid_plural "should have %{count} item(s)" +msgstr[0] "" +msgstr[1] "" + msgid "should be %{count} character(s)" msgid_plural "should be %{count} character(s)" msgstr[0] "" msgstr[1] "" -msgid "should have %{count} item(s)" -msgid_plural "should have %{count} item(s)" +msgid "should be %{count} byte(s)" +msgid_plural "should be %{count} byte(s)" +msgstr[0] "" +msgstr[1] "" + +msgid "should have at least %{count} item(s)" +msgid_plural "should have at least %{count} item(s)" msgstr[0] "" msgstr[1] "" @@ -65,8 +75,13 @@ msgid_plural "should be at least %{count} character(s)" msgstr[0] "" msgstr[1] "" -msgid "should have at least %{count} item(s)" -msgid_plural "should have at least %{count} item(s)" +msgid "should be at least %{count} byte(s)" +msgid_plural "should be at least %{count} byte(s)" +msgstr[0] "" +msgstr[1] "" + +msgid "should have at most %{count} item(s)" +msgid_plural "should have at most %{count} item(s)" msgstr[0] "" msgstr[1] "" @@ -75,8 +90,8 @@ msgid_plural "should be at most %{count} character(s)" msgstr[0] "" msgstr[1] "" -msgid "should have at most %{count} item(s)" -msgid_plural "should have at most %{count} item(s)" +msgid "should be at most %{count} byte(s)" +msgid_plural "should be at most %{count} byte(s)" msgstr[0] "" msgstr[1] "" diff --git a/lib/mix/tasks/phx.gen.auth/hashing_library.ex b/lib/mix/tasks/phx.gen.auth/hashing_library.ex index fc9b7bde8b..022a58f401 100644 --- a/lib/mix/tasks/phx.gen.auth/hashing_library.ex +++ b/lib/mix/tasks/phx.gen.auth/hashing_library.ex @@ -1,10 +1,11 @@ defmodule Mix.Tasks.Phx.Gen.Auth.HashingLibrary do @moduledoc false - defstruct [:module, :mix_dependency, :test_config] + defstruct [:name, :module, :mix_dependency, :test_config] def build("bcrypt") do lib = %__MODULE__{ + name: :bcrypt, module: Bcrypt, mix_dependency: ~s|{:bcrypt_elixir, "~> 2.0\"}|, test_config: """ @@ -17,6 +18,7 @@ defmodule Mix.Tasks.Phx.Gen.Auth.HashingLibrary do def build("pbkdf2") do lib = %__MODULE__{ + name: :pbkdf2, module: Pbkdf2, mix_dependency: ~s|{:pbkdf2_elixir, "~> 1.0\"}|, test_config: """ @@ -29,6 +31,7 @@ defmodule Mix.Tasks.Phx.Gen.Auth.HashingLibrary do def build("argon2") do lib = %__MODULE__{ + name: :argon2, module: Argon2, mix_dependency: ~s|{:argon2_elixir, "~> 2.0\"}|, test_config: """ diff --git a/priv/templates/phx.gen.auth/schema.ex b/priv/templates/phx.gen.auth/schema.ex index 5557d59596..9a3d936bc2 100644 --- a/priv/templates/phx.gen.auth/schema.ex +++ b/priv/templates/phx.gen.auth/schema.ex @@ -48,8 +48,9 @@ defmodule <%= inspect schema.module %> do defp validate_password(changeset, opts) do changeset |> validate_required([:password]) - # If using Bcrypt, note it does not support passwords more than 72 bytes long - |> validate_length(:password, min: 12, max: 72, count: :bytes) + |> validate_length(:password, min: 12, max: 72)<%= if hashing_library.name == :bcrypt do %> + # If using Bcrypt, then further validate it is at most 72 bytes long + |> validate_length(:password, max: 72, count: :bytes)<% end %> # |> validate_format(:password, ~r/[a-z]/, message: "at least one lower case character") # |> validate_format(:password, ~r/[A-Z]/, message: "at least one upper case character") # |> validate_format(:password, ~r/[!?@#$%^&*_0-9]/, message: "at least one digit or punctuation character")