Adding a password length check to other API actions. (#1474)

* Adding a password length check to other API actions.

- Fixes #1473

* Fixing comment.

crates/api/src/lib.rs

@@ -465,6 +465,15 @@ pub(crate) fn espeak_wav_base64(text: &str) -> Result<String, LemmyError> {
   Ok(base64)
 }
 
+/// Checks the password length
+pub(crate) fn password_length_check(pass: &str) -> Result<(), LemmyError> {
+  if pass.len() > 60 {
+    Err(ApiError::err("invalid_password").into())
+  } else {
+    Ok(())
+  }
+}
+
 #[cfg(test)]
 mod tests {
   use crate::captcha_espeak_wav_base64;

crates/api/src/user.rs

@@ -4,6 +4,7 @@ use crate::{
   get_user_from_jwt,
   get_user_from_jwt_opt,
   is_admin,
+  password_length_check,
   Perform,
 };
 use actix_web::web::Data;
@@ -144,10 +145,7 @@ impl Perform for Register {
       }
     }
 
-    // Password length check
+    password_length_check(&data.password)?;
-    if data.password.len() > 60 {
-      return Err(ApiError::err("invalid_password").into());
-    }
 
     // Make sure passwords match
     if data.password != data.password_verify {
@@ -390,6 +388,8 @@ impl Perform for SaveUserSettings {
       Some(new_password) => {
         match &data.new_password_verify {
           Some(new_password_verify) => {
+            password_length_check(&new_password)?;
+
             // Make sure passwords match
             if new_password != new_password_verify {
               return Err(ApiError::err("passwords_dont_match").into());
@@ -989,6 +989,8 @@ impl Perform for PasswordChange {
     })
     .await??;
 
+    password_length_check(&data.password)?;
+
     // Make sure passwords match
     if data.password != data.password_verify {
       return Err(ApiError::err("passwords_dont_match").into());