mirror/Checkmate
1
0
Fork 0
mirror of https://github.com/bluewave-labs/Checkmate.git synced 2026-05-18 23:48:43 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: remove <> from allowed password characters and display allowed special chars

Browse Source 
## Changes
- Remove < and > from password regex pattern in joi.js (these chars are
  stripped by DOMPurify sanitization which caused confusing validation errors)
- Update locale strings to display the list of allowed special characters
  in password tooltip, error messages, and PasswordPanel requirements

## Benefits
- Users now see exactly which special characters are allowed when setting passwords
- Eliminates confusing "password cannot be empty" errors when using < or >
- Regex now accurately reflects the characters that actually work

Fixes #3010
This commit is contained in:
gorkem-bwl
2026-01-15 22:50:29 -05:00
parent b5caabed20
commit d91e87f484
2 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
client/src/locales/en.json
+3 -3
View File
@@ -483,7 +483,7 @@
"newPassword": "New password",
"enterNewPassword": "Enter your new password",
"confirmNewPassword": "Confirm new password",
"passwordRequirements": "New password must contain at least 8 characters and must have at least one uppercase letter, one lowercase letter, one number and one special character.",
"passwordRequirements": "New password must contain at least 8 characters and must have at least one uppercase letter, one lowercase letter, one number and one special character (!?@#$%^&*()-_=+[]{}|;:'\",./\\~`).",
"saving": "Saving..."
},
"emailSent": "Email sent successfully",
@@ -542,7 +542,7 @@
},
"special": {
"beginning": "Must contain at least",
"highlighted": "one special character"
"highlighted": "one special character (!?@#$%^&*()-_=+[]{}|;:'\",./\\~`)"
},
"number": {
"beginning": "Must contain at least",
@@ -567,7 +567,7 @@
"uppercase": "Password must contain at least 1 uppercase letter",
"lowercase": "Password must contain at least 1 lowercase letter",
"number": "Password must contain at least 1 number",
"special": "Password must contain at least 1 special character",
"special": "Password must contain at least 1 special character (!?@#$%^&*()-_=+[]{}|;:'\",./\\~`)",
"incorrect": "The password you provided does not match our records"
}
},
server/src/validation/joi.js
+1 -2
View File
@@ -17,8 +17,7 @@ const roleValidatior = (role) => (value, helpers) => {
// Auth
//****************************************
const passwordPattern =
/^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!?@#$%^&*()\-_=+[\]{};:'",.<>~`|\\/])[A-Za-z0-9!?@#$%^&*()\-_=+[\]{};:'",.<>~`|\\/]+$/;
const passwordPattern = /^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!?@#$%^&*()\-_=+[\]{};:'",.~`|\\/])[A-Za-z0-9!?@#$%^&*()\-_=+[\]{};:'",.~`|\\/]+$/;
const loginValidation = joi.object({
email: joi.string().email().required().lowercase(),