Right now when we ask a user to put in a new password we're only checking if the field exists in the form. We are not however checking if the password strings are empty or if the password matches up to the requirements that the server may have set.
We should create a function to validate passwords based on settings that the admin can configure. And use this whenever a user creates a new password.
Examples would be:
Min characters.
Max characters. (Does our database have this for strings? If so, we should add that to our tests and error reporting.)
Types of required characters, the amount of these required characters that we need.
(Think digits 0-9, alphabetic a-z, special characters @#$)
Right now when we ask a user to put in a new password we're only checking if the field exists in the form. We are not however checking if the password strings are empty or if the password matches up to the requirements that the server may have set.
We should create a function to validate passwords based on settings that the admin can configure. And use this whenever a user creates a new password.
Examples would be: