Sunagatov / Iced-Latte

An online marketplace for coffee retail (Backend)
https://iced-latte.uk
MIT License
588 stars 96 forks

Reset password. The app allows saving passwords that do not meet the requirements. #268

Open TetianaPerinha opened 2 months ago

TetianaPerinha commented 2 months ago

Description: According to the requirements, the password must be at least 8 characters long and contain at least one letter, one digit, and may include special characters @$!%*?&.

Precondition: User is registered

Steps to reproduce:

Execute the POST request as below. Replace code and email with valid data.

curl --location 'http://0.0.0.0:8083/api/v1/auth/password/change' --header 'Content-Type: application/json' --data-raw '{ "email": "email to resent password", "code": "code to reset password", "password": "t" }'

Expected result: The app should reject the password, HTTP status code = 400, error message = "Password must be at least 8 characters long and contain at least one letter, one digit, and may include special characters @$!%*?&".

Actual result: The app allows saving a password that does not meet the requirements, HTTP status code = 200.

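An added example, not taken from the issue or from the Iced-Latte code base, of the server-side check the expected result calls for, in plain Java. The class, record and method names are hypothetical, and it assumes the listed special characters are the only ones allowed.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

// Added example: hypothetical names, not Iced-Latte's own classes.
public class PasswordPolicyDemo {

    // Policy from the issue: at least 8 characters, at least one letter, at least one digit.
    // Assumption: @$!%*?& is an allow-list, so any other symbol or whitespace is rejected.
    static final Pattern POLICY =
            Pattern.compile("^(?=.*[A-Za-z])(?=.*\\d)[A-Za-z\\d@$!%*?&]{8,}$");

    // Hypothetical shape of the JSON body sent in the issue's curl call.
    record ChangePasswordRequest(String email, String code, String password) {}

    // Returns the HTTP status the handler should produce.
    // Validation runs first; the password is stored only when it passes.
    static int handleChange(ChangePasswordRequest req, List<String> savedPasswords) {
        if (req.password() == null || !POLICY.matcher(req.password()).matches()) {
            return 400; // reject before anything is persisted
        }
        savedPasswords.add(req.password()); // stand-in for hashing and storing
        return 200;
    }

    public static void main(String[] args) {
        List<String> saved = new ArrayList<>();
        // Constructed sample passwords: the "t" from the issue plus boundary cases.
        String[] samples = {"t", "abcdefgh", "12345678", "abc12345", "abc123@!", "abc 1234", null};
        for (String s : samples) {
            ChangePasswordRequest req = new ChangePasswordRequest("user@example.com", "000000", s);
            System.out.println(handleChange(req, saved) + " <- " + s);
        }
        System.out.println("stored: " + saved);
    }
}
```

If the backend uses Bean Validation, the same expression can go in a `@Pattern` constraint on the password field of the reset request DTO, enforced with `@Valid` on the controller parameter. The constraint has to sit on the DTO used by `/api/v1/auth/password/change` itself, since a rule declared only on the registration DTO does not cover this endpoint.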

anmol797 commented 2 days ago

Hi, can I work on this issue?