forked from rDrama/rDrama
enforce 8-100 password requirement in /reset too
parent
695d3a6bc4
commit
e488312dfe
|
@ -462,6 +462,13 @@ def post_reset(v):
|
||||||
time=timestamp,
|
time=timestamp,
|
||||||
error="Passwords didn't match."), 400
|
error="Passwords didn't match."), 400
|
||||||
|
|
||||||
|
if not valid_password_regex.fullmatch(password):
|
||||||
|
return render_template("login/reset_password.html",
|
||||||
|
v=user,
|
||||||
|
token=token,
|
||||||
|
time=timestamp,
|
||||||
|
error="Password must be between 8 and 100 characters."), 400
|
||||||
|
|
||||||
user.passhash = hash_password(password)
|
user.passhash = hash_password(password)
|
||||||
g.db.add(user)
|
g.db.add(user)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue