16 Commits

Author SHA1 Message Date
Neil Lalonde 6f747c6b71 FIX: don't allow username to be changed to same as password
We were blocking user registrations with same username and password,
but allowing usernames to be changed to be same as password later.
Also disallow names to be the same as password.
2019-05-13 16:43:40 -04:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Vinoth Kannan 7f2eeaf767 FIX: Password required flag should be cleared whenever clearing the raw password (#5384) 2017-12-01 15:19:24 +11:00
Sam dacfdd4dc8 use chars as opposed to split 2017-02-14 09:40:15 -05:00
Sam 8feb94e13f FIX: password validator was being too strict 2017-02-14 09:18:04 -05:00
Neil Lalonde 94e1105af7 fix unique char counting in password validator 2017-02-10 10:38:17 -05:00
Neil Lalonde 1bcb835446 FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting 2017-02-09 15:00:22 -05:00
Neil Lalonde 7a81669c18 SECURITY: don't allow re-using the current password during password reset 2016-08-24 12:27:21 -04:00
Arpit Jalan 36f82aa68c FEATURE: enforce admin password validation when signing up via developer email 2016-03-04 00:28:47 +05:30
Arpit Jalan 50e65634d7 FEATURE: new setting min_admin_password_length and better default 2016-03-02 14:43:26 +05:30
bgr11n 53fb84baa3 fixed password validator on equality with email 2016-01-05 22:43:11 +02:00
Neil Lalonde c04b214910 FEATURE: don't allow username and email to be the same 2015-02-27 13:47:43 -05:00
Neil Lalonde cf81b3f86d FEATURE: don't allow username and password to be the same 2015-02-25 12:00:13 -05:00
Neil Lalonde ab12695d63 Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature. 2013-12-27 11:00:21 -05:00
Neil Lalonde 854d9c8fc6 Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:47 -05:00
Neil Lalonde 33c6997ded Move password validation into PasswordValidator 2013-12-19 16:15:47 -05:00