StarMC/Astral-nook
StarMC/Astral-nook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Don't allow blank passwords on the password change endpoint; closes #2750

Browse source
This commit is contained in:
Dane Everitt 2020-11-29 13:28:46 -08:00
parent 16f49f8dc1
commit 7ebe04fb91
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
2 changed files with 26 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
app/Http/Requests/Api/Client/Account/UpdatePasswordRequest.php
View file

@ -2,7 +2,6 @@
namespace Pterodactyl\Http\Requests\Api\Client\Account;
use Pterodactyl\Models\User;
use Pterodactyl\Http\Requests\Api\Client\ClientApiRequest;
use Pterodactyl\Exceptions\Http\Base\InvalidPasswordProvidedException;
@ -32,8 +31,8 @@ class UpdatePasswordRequest extends ClientApiRequest
*/
public function rules(): array
{
$rules = User::getRulesForUpdate($this->user());
return ['password' => array_merge($rules['password'], ['confirmed'])];
return [
'password' => ['required', 'string', 'confirmed', 'min:8'],
];
}
}