Pull request 2022: 6280-password-length

Updates #6280. Squashed commit of the following: commit 85014e27da6f289a4ecdd8cbd05c0bee358da39e Merge: 2d93201ce 5f61b550f Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Oct 5 15:58:48 2023 +0300 Merge branch 'master' into 6280-password-length commit 2d93201cea23517cdf3c2b3a4a4c26b7d89d2511 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Oct 5 15:43:05 2023 +0300 client: rm dep commit 3b11d10af8200110fbb1a1d7a7e6e26715ee0436 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Oct 5 15:22:58 2023 +0300 client: imp i18n commit f88dfc9a991c961b17a9add229a768a5cc127071 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Oct 5 15:17:56 2023 +0300 all: imp i18n, names commit a7874f5f1a057a76e05a009ed5204bb1a3d70f50 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Thu Oct 5 15:07:10 2023 +0300 all: fix passwd check
2023-10-05 16:20:28 +03:00
parent 5f61b550fa
commit 8bb80ba98f
9 changed files with 37408 additions and 16553 deletions
--- a/client/src/__locales/en.json
+++ b/client/src/__locales/en.json
@@ -659,7 +659,7 @@
    "parental_control": "Parental Control",
    "safe_browsing": "Safe Browsing",
    "served_from_cache": "{{value}} <i>(served from cache)</i>",
-    "form_error_password_length": "Password must be at least {{value}} characters long",
+    "form_error_password_length": "Password must be {{min}} to {{max}} characters long",
    "anonymizer_notification": "<0>Note:</0> IP anonymization is enabled. You can disable it in <1>General settings</1>.",
    "confirm_dns_cache_clear": "Are you sure you want to clear DNS cache?",
    "cache_cleared": "DNS cache successfully cleared",
--- a/client/src/helpers/constants.js
+++ b/client/src/helpers/constants.js
@@ -27,6 +27,7 @@ export const R_WIN_ABSOLUTE_PATH = /^([a-zA-Z]:)?(\\|\/)(?:[^\\/:*?"<>|\x00]+\\)
 export const R_CLIENT_ID = /^[a-z0-9-]{1,63}$/;

 export const MIN_PASSWORD_LENGTH = 8;
+export const MAX_PASSWORD_LENGTH = 72;

 export const HTML_PAGES = {
    INSTALL: '/install.html',
--- a/client/src/helpers/validators.js
+++ b/client/src/helpers/validators.js
@@ -1,5 +1,4 @@
 import i18next from 'i18next';
-import stringLength from 'string-length';

 import {
    MAX_PORT,
@@ -14,6 +13,7 @@ import {
    UNSAFE_PORTS,
    R_CLIENT_ID,
    R_DOMAIN,
+    MAX_PASSWORD_LENGTH,
    MIN_PASSWORD_LENGTH,
 } from './constants';
 import { ip4ToInt, isValidAbsolutePath } from './form';
@@ -325,14 +325,33 @@ export const validateIpv4InCidr = (valueIp, allValues) => {
    return undefined;
 };

+/**
+ * @param value {string}
+ * @returns {number}
+ */
+const utf8StringLength = (value) => {
+    const encoder = new TextEncoder();
+    const view = encoder.encode(value);
+
+    return view.length;
+};
+
 /**
 * @param value {string}
 * @returns {Function}
 */
 export const validatePasswordLength = (value) => {
-    if (value && stringLength(value) < MIN_PASSWORD_LENGTH) {
-        return i18next.t('form_error_password_length', { value: MIN_PASSWORD_LENGTH });
+    if (value) {
+        const length = utf8StringLength(value);
+        if (length < MIN_PASSWORD_LENGTH || length > MAX_PASSWORD_LENGTH) {
+            // TODO: Make the i18n clearer with regards to bytes vs. characters.
+            return i18next.t('form_error_password_length', {
+                min: MIN_PASSWORD_LENGTH,
+                max: MAX_PASSWORD_LENGTH,
+            });
+        }
    }
+
    return undefined;
 };