search

codeforpdx / PASS

PASS project - with HMIS module integration
MIT License
24 stars 23 forks source link

[Bug Report] - Mismatching passwords not shown on pod creation #650

Open AJSterner opened 3 weeks ago

AJSterner commented 3 weeks ago

Describe the bug:

The user is required to confirm their password when creating a new account, however the password in "Confirm Password" is not checked against the "Password" field. You can create a new account with mismatching passwords (Password, Confirm Password).

Expected behavior:

I would expect client side validation to block submission until the passwords match.

Actual Behavior:

You can successfully create an account with mismatching password (the primary?)

Screenshots:

This would work: image

To Reproduce:

Steps to reproduce the behavior:

  1. Go to /signup
  2. Attempt to create an account with different passwords
  3. ...
  4. Success?

Desktop (please complete the following information):

Possible Fix:

We should block submission and show an error, additionally password strength validation (length etc.) seems to be missing as well.

andycwilliams commented 3 weeks ago

Bitwarden 🙌

leekahung commented 5 days ago

Hey @AJSterner was curious if you're still doing this bug fix? I could start up a branch and get this patched up. 👍