From a13bdf00d628805fbd84690eef9356ad754662f2 Mon Sep 17 00:00:00 2001
From: Tulio Casagrande <tcasagra@thoughtworks.com>
Date: Mon, 3 Apr 2017 15:35:23 -0300
Subject: [#934] Add front-end password validation

---
 .../new_password_form/new_password_form.js         | 52 +++++++++++++++++-----
 1 file changed, 41 insertions(+), 11 deletions(-)

(limited to 'web-ui/src/account_recovery/new_password_form/new_password_form.js')

diff --git a/web-ui/src/account_recovery/new_password_form/new_password_form.js b/web-ui/src/account_recovery/new_password_form/new_password_form.js
index e7f689e8..346c1eb8 100644
--- a/web-ui/src/account_recovery/new_password_form/new_password_form.js
+++ b/web-ui/src/account_recovery/new_password_form/new_password_form.js
@@ -18,6 +18,7 @@
 import 'isomorphic-fetch';
 import React from 'react';
 import { translate } from 'react-i18next';
+import validator from 'validator';
 
 import { submitForm } from 'src/common/util';
 import InputField from 'src/common/input_field/input_field';
@@ -27,22 +28,51 @@ import BackLink from 'src/common/back_link/back_link';
 import './new_password_form.scss';
 
 export class NewPasswordForm extends React.Component {
+
+  constructor(props) {
+    super(props);
+    this.state = {
+      submitButtonDisabled: true,
+      password: '',
+      errorPassword: '',
+      confirmPassword: '',
+      errorConfirmPassword: ''
+    };
+  }
+
   submitHandler = (event) => {
     event.preventDefault();
     submitForm(event, '/account-recovery', {
       userCode: this.props.userCode,
       password: this.state.password,
-      confirmation: this.state.confirmation
+      confirmPassword: this.state.confirmPassword
     }).then(() => this.props.next());
   }
 
-  handlePasswordChange = (event) => {
+  handleChangePassword = (event) => {
     this.setState({ password: event.target.value });
-  }
+    this.validatePassword(event.target.value, this.state.confirmPassword);
+  };
 
-  handlePasswordConfirmationChange = (event) => {
-    this.setState({ confirmation: event.target.value });
-  }
+  handleChangeConfirmPassword = (event) => {
+    this.setState({ confirmPassword: event.target.value });
+    this.validatePassword(this.state.password, event.target.value);
+  };
+
+  validatePassword = (password, confirmPassword) => {
+    const emptyPassword = validator.isEmpty(password);
+    const validPassword = validator.isLength(password, { min: 8, max: undefined });
+    const emptyConfirmPassword = validator.isEmpty(confirmPassword);
+    const validConfirmPassword = confirmPassword === password;
+
+    const t = this.props.t;
+
+    this.setState({
+      errorPassword: !emptyPassword && !validPassword ? t('account-recovery.new-password-form.error.invalid-password') : '',
+      errorConfirmPassword: !emptyConfirmPassword && !validConfirmPassword ? t('account-recovery.new-password-form.error.invalid-confirm-password') : '',
+      submitButtonDisabled: !validPassword || !validConfirmPassword
+    });
+  };
 
   render() {
     const { t, previous } = this.props;
@@ -55,16 +85,16 @@ export class NewPasswordForm extends React.Component {
         />
         <h1>{t('account-recovery.new-password-form.title')}</h1>
         <InputField
-          type='password' name='new-password'
+          type='password' name='new-password' value={this.state.password}
           label={t('account-recovery.new-password-form.input-label1')}
-          onChange={this.handlePasswordChange}
+          errorText={this.state.errorPassword} onChange={this.handleChangePassword}
         />
         <InputField
-          type='password' name='confirm-password'
+          type='password' name='confirm-password' value={this.state.confirmPassword}
           label={t('account-recovery.new-password-form.input-label2')}
-          onChange={this.handlePasswordConfirmationChange}
+          errorText={this.state.errorConfirmPassword} onChange={this.handleChangeConfirmPassword}
         />
-        <SubmitButton buttonText={t('account-recovery.button-next')} />
+        <SubmitButton buttonText={t('account-recovery.button-next')} disabled={this.state.submitButtonDisabled} />
         <BackLink text={t('account-recovery.back')} onClick={previous} />
       </form>
     );
-- 
cgit v1.2.3


From bf6ca194d25dbf3fd23df7e58d0da2fa6b74b8d6 Mon Sep 17 00:00:00 2001
From: Tulio Casagrande <tcasagra@thoughtworks.com>
Date: Wed, 5 Apr 2017 17:12:14 -0300
Subject: [#934] Set max length for passwords

---
 web-ui/src/account_recovery/new_password_form/new_password_form.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'web-ui/src/account_recovery/new_password_form/new_password_form.js')

diff --git a/web-ui/src/account_recovery/new_password_form/new_password_form.js b/web-ui/src/account_recovery/new_password_form/new_password_form.js
index 346c1eb8..5e1e72c9 100644
--- a/web-ui/src/account_recovery/new_password_form/new_password_form.js
+++ b/web-ui/src/account_recovery/new_password_form/new_password_form.js
@@ -61,7 +61,7 @@ export class NewPasswordForm extends React.Component {
 
   validatePassword = (password, confirmPassword) => {
     const emptyPassword = validator.isEmpty(password);
-    const validPassword = validator.isLength(password, { min: 8, max: undefined });
+    const validPassword = validator.isLength(password, { min: 8, max: 9999 });
     const emptyConfirmPassword = validator.isEmpty(confirmPassword);
     const validConfirmPassword = confirmPassword === password;
 
-- 
cgit v1.2.3