codebattle icon indicating copy to clipboard operation
codebattle copied to clipboard

Published 20 hours ago verified publisher icon hexlet-codebattle

Bug: Возможность установить пароль длиной более 16 символов при восстановлении пароля

Open burd-up opened this issue 1 year ago • 1 comments

Summary

При регистрации мы имеем ограничение длины пароля от 6 до 16 символов. При восстановлении пароля появляется возможность установить пароль длиной более 16 символов, что является несоответствием.

Reproduction steps

1. Нажимаем "Forgot your password?" на странице авторизации.
2. Вводим email зарегистрированного пользователя.
3. Нажимаем на кнопку "Submit".
4. Открываем письмо, полученное на почтовый ящик, указанный в поле email.
5. Нажимаем на ссылку для восстановления пароля в письме.
6. В открывшейся форме вводим значение пароля длиннее 16 символов.
7. Нажимаем "Save".

Expected result

Появляется подсказка, что максимальная длина пароля 16 символов.

Actual result

Пароль успешно изменяется, несмотря на превышение ограничения в 16 символов.

Browsers

Chrome

OS

Windows

burd-up avatar May 23 '24 17:05 burd-up

  • summary: | Создание пароля более 16 символов при восстановлении пароля environment: | Версия 126.0.6478.182 (Официальная сборка), (64 бит) ОС Windows 10 Pro Версия приложения: 11a596a steps-to-reproduce: |
    1. Нажать Forgot your password? на странице авторизации
    2. Ввести email зарегистрированного пользователя
    3. Нажать на кнопку "Submit"
    4. Открыть письмо, полученное на почтовый ящик, указанный в поле email
    5. Нажать на ссылку для восстановления пароля в письме
    6. Ввести в открывшейся форме значение пароля более 16 символов
    7. Нажать "Save" expected-result: | Пользователь не восстанавливает пароль actual-result: | Успешная авторизация с новым паролем

El-MetD avatar Jul 22 '24 13:07 El-MetD

  • summary: | Create new password (after password recover) with more than 16 symbols environment: | Yandex Browser, Google Chrome OC Windows 10 Codebattle current version: e827c58 steps-to-reproduce: |
    1. Sign out from your account
    2. Click Sign in
    3. Click Forgot your password
    4. Write user email
    5. Click Submit
    6. In mail follow the link to recover password
    7. In the new password field, write a password longer than 16 characters expected-result: | User have a validation error actual-result: | Password has pass the validation with more then 16 characters

Jester-bit666 avatar Jan 23 '25 19:01 Jester-bit666

Summary: User can set password with more than 16 characters by password recovery Prerequisites: User is not logged in Login page is opened https://codebattle.hexlet.io/session/new?locale=en&next=%2F Steps to reproduce:

  1. Click on "Forgot your password?"
  2. Input existing account's email
  3. Check your email
  4. Open the link in received letter
  5. Input new password with 17 characters: 12345678912345678
  6. Click on "Save" button

Expected result: The password doesn't change. User get validation error. Actual result: Password is changed Environment: Google chrome Version 133.0.6943.60 (Official Build) (64-bit) OC windows 11 Project version: https://github.com/hexlet-codebattle/codebattle/commit/c655ad42cd1179b3e06163d383e293f459c695ac

Dmitrydrum avatar Feb 11 '25 04:02 Dmitrydrum

Summary: User can set a password longer than 16 characters when recovering the password

Reproduction steps:

  1. Click "Forgot your password?" on the login page.
  2. Enter the email of the registered user.
  3. Click on the "Submit" button.
  4. Open the letter received at the mailbox specified in the email field.
  5. Click on the link to recover your password in the letter.
  6. In the form that opens, enter a password value longer than 16 characters.
  7. Click "Save".

Expected result: A prompt appears indicating that the entered data is invalid.

Actual result: Password changed

Browsers: Safari Версия 17.1 (19616.2.9.11.7)

OS: macOS Sonoma 14.1.1 (23B81)

Текущая версия: c655ad4 развернуто в UTC: 2025-02-07 12:12:47

juliagavr91 avatar Feb 18 '25 08:02 juliagavr91

  • summary: | When restoring a password, it is possible to set a password longer than 16 characters environment: | Google Chrome Version 133.0.6943.142 (Official Build), (64 bit) Windows 11 Pro 24 H2 steps-to-reproduce: |
    1. Press the "Sing in" button
    2. Click the hyperlink "Forgot your password?"
    3. In the window that opens, enter the mail
    4. Click the "Submit" button
    5. Click on the link sent to the specified email address
    6. Enter a password longer than 16 characters.
    7. Click the "Save" expected-result button: > An error appears with a notification that the password must be less than 16 characters long. actual-result: > A new password is being set

puma0050 avatar Mar 03 '25 19:03 puma0050

summary: During password recovery, a password longer than the allowed length can be set

environment:

  • Google Chrome 134.0.6998.36 (Official Build) (64-bit)
  • OS: Windows 11 23H2 22631.5039
  • Codebattle version: 9425fb5

steps-to-reproduce:

  1. Go to https://codebattle.hexlet.io/
  2. Click the "Sign in" button
  3. Click "Forgot your password?"
  4. Enter an email
  5. Click the "Submit" button
  6. In the inbox of the specified email, find an email from "[email protected]"
  7. Open the email and follow the link
  8. In the "Reset your password" window, enter a new password
  9. Click the "SAVE" button

expected-result: The user should receive an error message: "The password must be no more than 16 characters long"

actual-result: A success message is shown, and the user is informed that they can now log in using the new password

Image

hitriylis avatar Apr 05 '25 11:04 hitriylis

Summary

User can set password more then 16 Characters if he use "Forgot your password", while it's not possible while creating an account

Environment

  • Yandex Browser: Version 25.2.4.955 (64-bit)
  • OS Windows 10: Version 22H2 19045.5608
  • Codebattle version: 9425fb5

Prerequisites:

  • User has account and access to the email that is attached to his account
  • "Forgot your password" window is open

Steps to reproduce

  • Enter email that is attached to account
  • Click "Submit" button
  • Open the email that is sent and click the link
  • Set new password
  • Sign in with new password

Expected result:

User receive error message "Should be from 6 to 16 characters"

Actual resul:

User can set password with more then 16 characters

Screenshots

  1. User trying to set password with more then 16 characters while creating an account

Image

  1. User trying to set password with more then 16 characters via "Forgot your password" page

Image

temuryqudrat avatar Apr 05 '25 16:04 temuryqudrat

Summary При восстановлении пароля количество символов пароля может быть более 16 символов.

Windows 10Pro Версия 22Н2

Reproduction steps

  1. Открыть окно авторизации пользователя
  2. Нажать "Forgot your password?"
  3. Вести email, Нажать Submit
  4. Перейти по ссылке, отправленной на электронную почту
  5. Создать новый пароль более 16 символов, нажать SAVE

Expected result При вводе в поле пароля более 16 символов будет ошибка, восстановить пароль не получится.

Actual result При вводе в поле пароля более 16 символов пароль удается восстановить.

Image Image Image

Irmyshka avatar May 18 '25 11:05 Irmyshka

Summary:

When restoring a password, it becomes possible to enter a password longer than 16 characters and without at least one special character.

Enviroment:

Chromium 138.0.7204.158 (Official build) (64 bit) Windows 24H2 OS

Steps-to-reproduce:

  1. Open the user authorization window
  2. Click "Forgot your password?"
  3. Enter email address
  4. Click Submit
  5. Follow the link sent by email
  6. Enter the password "12345678987654321" (more than 16 characters and without at least one special character)
  7. Click "save"

Expected result:

An error appears when you enter more than 16 characters in the password field and without a special character. Password saving is not possible

Actual result:

If you enter more than 16 characters in the password field and without a special character, the password is saved.

Browsers

Chrome 138.0.7204.158 (Official build) (64 bit)

OS

Windows 11 24H2

Current version: 376ef8e

Alex-Kuzm avatar Jul 21 '25 11:07 Alex-Kuzm

Summary When you restore your password, you can enter more than 16 characters in the password field

enviroment: | Google Chrome : 138.0.7204.158 ( ОС Windows 11 23H2 22631.5335 Current version: 376ef8e

Reproduction steps Open the user authorization window Press "Forgot your password?" Еnter email Press Submit Follow the link sent by e-mail Enter more than 16 characters in the password recovery window Enter save expected-result: The user should receive an error message: "The password must be no more than 16 characters long"

actual-result: A success message is shown, and the user is informed that they can now log in using the new password

Image Image

kelevro342 avatar Jul 25 '25 09:07 kelevro342