analytics/assets
Adrian Gruntkowski 51c1138d0d
Implement better user password validation (#3344)
* Add zxcvbn dependency

* Change password length range requirement from 6-64 to 12-128

* Reimplement register form in LV

* Implement server-side check for password strength

* Add rudimentary strength meter

* Make password input with strength a separate component and improve it

* Fix existing tests to provide strong enough password

* Apply formatting

* Replace existing registration form with new one

* Hide built-in label in `.input` component when none provided

* Crop password to first 32 chars for analysis by zxcvbn

* Add tests for new form components

* Integrate hCaptcha into LV

* Fix existing AuthController tests

* Add tests for Live.RegisterForm

* Hide strength meter when password input is empty

* Randomize client IP in headers during tests to avoid hitting rate limit

* Apply auxilliary formatting fixes to AuthController

* Integrate registration from invitation into LV registration logic

* Fix existing password set and reset forms

* Make `password_length_hint` component more customizable

* Optimize `Auth.User.set_password/2`

* Remove unnecessary attribute from registration form

* Move password set and reset forms to LV

* Add tests for SetPasswordForm LV component

* Add tests for password checks in `Auth.User`

* Document code a bit

* Implement simpler approach to hCaptcha integration

* Update CHANGELOG.md

* Improve consistency of color scheme

* Introduce debounce across all text inputs in registration and password forms

* Fix email input background in register form

* Ensure only single error is rendered for empty password confirmation case

* Remove `/password` form entirely in favor of preferred password reset

* Remove unnecessary `router` option from `live_render` calls

* Make expensive assigns in LV with `assign_new` (h/t @aerosol)

* Accept passwords longer than 32 bytes uniformly as very strong

* Avoid displaying blank error side by side with weak password error

* Make register actions handle errors gracefully

* Render only a single piece of feedback to reduce noise

* Make register and password reset forms pw manager friendly (h/t @cnkk)

* Move registration forms to live routes

* Delete no longer used deadviews

* Adjust registration form in accordance to changes in #3290

* Reintroduce dogfood page path for invitation form from #3290

* Use alternative approach to submitting plausible metrics from LV form

* Rename metrics events and extend tests to account for them
2023-09-25 10:27:29 +02:00
..
css Add login link to 404 page (#3288) 2023-08-22 08:45:38 +02:00
js Implement better user password validation (#3344) 2023-09-25 10:27:29 +02:00
static Show user feedback form on server errors (#2617) 2023-01-25 15:15:41 +01:00
.babelrc React (#17) 2019-11-19 12:30:42 +08:00
.bundlemonrc.json Add remote config 2021-11-24 11:56:24 +02:00
.eslintrc.json Prepare base for the funnel PRs merge (#2993) 2023-06-01 15:26:23 +02:00
.prettierignore 1. Remove the "airbnb" eslint plugin since it conflicts with prettier (#1374) 2021-10-11 14:48:19 +02:00
.prettierrc.json Fix svg favicons (#2295) 2022-10-04 13:20:51 +03:00
.stylelintrc.json Add eslint, stylelint, prettier, and pre-commit (#484) 2020-12-23 10:45:53 +02:00
package-lock.json Update Tailwind to latest v3.3.3 (#3320) 2023-09-07 11:23:19 -03:00
package.json Update Tailwind to latest v3.3.3 (#3320) 2023-09-07 11:23:19 -03:00
postcss.config.js Update TailwindCSS to 2.0 2020-11-19 14:34:37 +02:00
tailwind.config.js Implement better user password validation (#3344) 2023-09-25 10:27:29 +02:00
webpack.config.js Refactor: Use HeadlessUI for search-select component (#2676) 2023-02-20 11:10:11 +02:00