Page MenuHomePhabricator
Differential D18902

Bring new password validation into AuthPasswordEngine
ClosedPublic
Actions

Authored by epriestley on Jan 22 2018, 12:35 AM.
Tags
None
Referenced Files
F17707335: D18902.id.diff
Wed, Jul 16, 2:52 PM
F17706183: D18902.id45351.diff
Wed, Jul 16, 11:05 AM
F17692320: D18902.diff
Tue, Jul 15, 2:29 AM
F17682090: D18902.id45318.diff
Sun, Jul 13, 8:13 PM
Unknown Object (File)
Jun 9 2025, 2:24 AM
Unknown Object (File)
May 29 2025, 7:16 PM
Unknown Object (File)
May 10 2025, 10:28 AM
Unknown Object (File)
Apr 27 2025, 3:54 AM
View All Files
Subscribers
None

Details

Reviewers
amckinley
Maniphest Tasks
T13043: Improve authentication revocation behaviors
Commits
rPb8a515cb29d8: Bring new password validation into AuthPasswordEngine
Summary

Ref T13043. We have ~4 copies of this logic (registration, lost password recovery, set password, set VCS password).

Currently it varies a bit from case to case, but since it's all going to be basically identical once account passwords swap to the new infrastructure, bring it into the Engine so it can live in one place.

This also fixes VCS passwords not being affected by account.minimum-password-length.

Test Plan

Hit all errors in "VCS Password" panel. Successfully changed password.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley created this revision.Jan 22 2018, 12:35 AM
Harbormaster completed remote builds in B19105: Diff 45318.Jan 22 2018, 12:36 AM
epriestley requested review of this revision.Jan 22 2018, 12:36 AM
amckinley requested changes to this revision.Jan 23 2018, 6:39 PM
amckinley added inline comments.
src/applications/auth/engine/PhabricatorAuthPasswordEngine.php
91

strlen($raw_confirm)?

This revision now requires changes to proceed.Jan 23 2018, 6:39 PM
epriestley updated this revision to Diff 45351.Jan 23 2018, 6:42 PM
  • Fix strlen().
  • Tested to actually hit this error.
  • Changed password.
Harbormaster completed remote builds in B19138: Diff 45351.Jan 23 2018, 6:43 PM
amckinley accepted this revision.Jan 23 2018, 6:43 PM
This revision is now accepted and ready to land.Jan 23 2018, 6:43 PM
Closed by commit rPb8a515cb29d8: Bring new password validation into AuthPasswordEngine (authored by epriestley). · Explain WhyJan 23 2018, 6:58 PM
This revision was automatically updated to reflect the committed changes.
epriestley mentioned this in T13043: Improve authentication revocation behaviors.Jan 23 2018, 11:43 PM

Revision Contents
Changeset List

PathSize
src/
2 lines
applications/
auth/
engine/
73 lines
password/
28 lines
diffusion/
panel/
86 lines

Diff 45358

View Options

src/__phutil_library_map__.php

Loading...
View Options

src/applications/auth/engine/PhabricatorAuthPasswordEngine.php

Loading...
View Options

src/applications/auth/password/PhabricatorAuthPasswordException.php

Loading...
View Options

src/applications/diffusion/panel/DiffusionSetPasswordSettingsPanel.php

Loading...
Phabricator · Built by Phacility