Merge pull request #3484 from benjiwheeler/join-flow-count-unicode

count unicode characters as single characters
2024-11-22 15:17:53 -05:00 · 2020-01-02 15:15:29 -05:00 · 2020-01-02 15:15:29 -05:00 · e0c562bfa6
commit e0c562bfa6
parent 5a24a9d825 4c0026ab41
2 changed files with 32 additions and 7 deletions
--- a/src/lib/validate.js
+++ b/src/lib/validate.js
@ -57,7 +57,15 @@ module.exports.validateUsernameRemotely = username => (
 module.exports.validatePassword = (password, username) => {
    if (!password) {
        return {valid: false, errMsgId: 'general.required'};
-    } else if (password.length < 6) {
+    // Using Array.from(string).length, instead of string.length, improves unicode
+    // character counting for a subset of unicode characters, so that they are counted
+    // as single characters by js.
+    // However, this only helps with a subset of unicode. Characters combinations,
+    // including diacritical marks or skintone/gender variations, will still appear
+    // to be multiple characters. See discussions:
+    // https://blog.jonnew.com/posts/poo-dot-length-equals-two
+    // https://stackoverflow.com/a/54370584/2308190
+    } else if (Array.from(password).length < 6) {
        return {valid: false, errMsgId: 'registration.validationPasswordLength'};
    } else if (password === 'password') {
        return {valid: false, errMsgId: 'registration.validationPasswordNotEquals'};
--- a/test/unit/lib/validate.test.js
+++ b/test/unit/lib/validate.test.js
@ -52,21 +52,38 @@ describe('unit test lib/validate.js', () => {
        expect(response).toEqual({valid: false, errMsgId: 'registration.validationUsernameRegexp'});
    });

-    test('validate password', () => {
+    test('validate password existence', () => {
        let response;
        expect(typeof validate.validatePassword).toBe('function');
        response = validate.validatePassword('abcdef');
        expect(response).toEqual({valid: true});
-        response = validate.validatePassword('abcdefghijklmnopqrst');
-        expect(response).toEqual({valid: true});
-        response = validate.validatePassword('passwo');
-        expect(response).toEqual({valid: true});
        response = validate.validatePassword('');
        expect(response).toEqual({valid: false, errMsgId: 'general.required'});
+    });
+
+    test('validate password length', () => {
+        let response;
+        response = validate.validatePassword('abcdefghijklmnopqrst');
+        expect(response).toEqual({valid: true});
        response = validate.validatePassword('abcde');
        expect(response).toEqual({valid: false, errMsgId: 'registration.validationPasswordLength'});
-        response = validate.validatePassword('password');
+        response = validate.validatePassword('😺');
+        expect(response).toEqual({valid: false, errMsgId: 'registration.validationPasswordLength'});
+        response = validate.validatePassword('😺🦆🐝');
+        expect(response).toEqual({valid: false, errMsgId: 'registration.validationPasswordLength'});
+        response = validate.validatePassword('😺🦆🐝🐮🐠');
+        expect(response).toEqual({valid: false, errMsgId: 'registration.validationPasswordLength'});
+        response = validate.validatePassword('😺🦆🐝🐮🐠🐻');
+        expect(response).toEqual({valid: true});
+    });
+
+    test('validate password cannot be "password"', () => {
+        const response = validate.validatePassword('password');
        expect(response).toEqual({valid: false, errMsgId: 'registration.validationPasswordNotEquals'});
+    });
+
+    test('validate password cannot be same as username', () => {
+        let response;
        response = validate.validatePassword('abcdefg', 'abcdefg');
        expect(response).toEqual({valid: false, errMsgId: 'registration.validationPasswordNotUsername'});
        response = validate.validatePassword('abcdefg', 'abcdefG');