Ghost/core/test/integration/api
Aileen Nowak c8cbbc4eb6 Improved password validation rules (#9171)
refs #9150 

- Moves the password length fn from `models/user` to `data/validation` where the other validator functions live.
- Added password validation rules. Password rules added:
   - Disallow obviously bad passwords: '1234567890', 'qwertyuiop', 'asdfghjkl;' and 'asdfghjklm' for example
   - Disallow passwords that contain the words 'password' or 'ghost'
   - Disallow passwords that match the user's email address
   - Disallow passwords that match the blog domain or blog title
   - Disallow passwords that include 50% or more of the same characters: 'aaaaaaaaaa', '1111111111' and 'ababababab' for example.
- Password validation returns an `Object` now, that includes an `isValid` and `message` property to differentiate between the two error messages (password too short or password insecure).
- Use a catch predicate in `api/authentication` on `passwordReset`, so the correct `ValidationError` will be thrown during the password reset flow rather then an `UnauthorizedError`.
- When in setup flow, the blog title is not available yet from `settingsCache`. We therefore supply it from the received form data in the user model `setup` method to have it accessible for the validation.
2017-10-26 11:01:24 +01:00
..
advanced_browse_spec.js Support filtering based on primary_tag (#9124) 2017-10-10 14:07:44 +02:00
api_authentication_spec.js Improved password validation rules (#9171) 2017-10-26 11:01:24 +01:00
api_configuration_spec.js Removed private configuration endpoint 2017-09-20 11:44:47 +01:00
api_db_spec.js 🎨 delete all content: do not delete subscribers (#8282) 2017-04-05 21:57:41 +01:00
api_invites_spec.js 🐛 invite existing users 2017-07-18 18:24:36 +01:00
api_mail_spec.js 💄 🐷 Test consistency (#8199) 2017-03-21 09:24:11 +01:00
api_notifications_spec.js 🎨 settings inconsistency (#8381) 2017-04-24 18:41:00 +01:00
api_posts_spec.js Prev & next post filtering, with primary tag support (#9141) 2017-10-13 15:44:39 +01:00
api_roles_spec.js 💄 🐷 Test consistency (#8199) 2017-03-21 09:24:11 +01:00
api_schedules_spec.js Primary tag (#8669) 2017-07-31 13:00:03 +04:00
api_settings_spec.js 🎨 settings inconsistency (#8381) 2017-04-24 18:41:00 +01:00
api_slugs_spec.js 💄 🐷 Test consistency (#8199) 2017-03-21 09:24:11 +01:00
api_subscription_spec.js 💄 🐷 Test consistency (#8199) 2017-03-21 09:24:11 +01:00
api_tags_spec.js Protected internal tags visibility (#9076) 2017-10-03 13:00:33 +01:00
api_users_spec.js Improved password validation rules (#9171) 2017-10-26 11:01:24 +01:00
redirects_spec.js Allow Upload/Download of redirects.json (#9029) 2017-09-21 16:01:03 +01:00