diff --git a/src/password.js b/src/password.js index e11ff9338..d6044e538 100644 --- a/src/password.js +++ b/src/password.js @@ -13,7 +13,7 @@ var assert = require('assert'), generatePassword = require('password-generator'); // http://www.w3resource.com/javascript/form/example4-javascript-form-validation-password.html -var gPasswordTestRegExp = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9])(?!.*\s).{8,20}$/; +var gPasswordTestRegExp = /^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[^a-zA-Z0-9])(?!.*\s).{8,30}$/; var UPPERCASE_RE = /([A-Z])/g; var LOWERCASE_RE = /([a-z])/g; @@ -40,7 +40,7 @@ function generate() { function validate(password) { assert.strictEqual(typeof password, 'string'); - if (!password.match(gPasswordTestRegExp)) return new Error('Password must be 8-20 character with at least one uppercase, one numeric and one special character'); + if (!password.match(gPasswordTestRegExp)) return new Error('Password must be 8-30 character with at least one uppercase, one numeric and one special character'); return null; } diff --git a/src/routes/test/apps-test.js b/src/routes/test/apps-test.js index 11e7529a0..b339da305 100644 --- a/src/routes/test/apps-test.js +++ b/src/routes/test/apps-test.js @@ -56,8 +56,8 @@ var APP_MANIFEST_1 = JSON.parse(fs.readFileSync(__dirname + '/../../../../test-a APP_MANIFEST_1.dockerImage = TEST_IMAGE_REPO + ':' + TEST_IMAGE_TAG; APP_MANIFEST_1.singleUser = true; -var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='admin@me.com'; -var USERNAME_1 = 'user', PASSWORD_1 = 'password', EMAIL_1 ='user@me.com'; +var USERNAME = 'admin', PASSWORD = 'Foobar?1337', EMAIL ='admin@me.com'; +var USERNAME_1 = 'user', PASSWORD_1 = 'Foobar?1338', EMAIL_1 ='user@me.com'; var token = null; // authentication token var token_1 = null; diff --git a/src/routes/test/backups-test.js b/src/routes/test/backups-test.js index 074bc61f0..7486f956f 100644 --- a/src/routes/test/backups-test.js +++ b/src/routes/test/backups-test.js @@ -19,7 +19,7 @@ var appdb = require('../../appdb.js'), var SERVER_URL = 'http://localhost:' + config.get('port'); -var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='silly@me.com'; +var USERNAME = 'admin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com'; var token = null; var server; diff --git a/src/routes/test/clients-test.js b/src/routes/test/clients-test.js index 3defb2bc4..cc6e1f293 100644 --- a/src/routes/test/clients-test.js +++ b/src/routes/test/clients-test.js @@ -20,7 +20,7 @@ var async = require('async'), var SERVER_URL = 'http://localhost:' + config.get('port'); -var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='silly@me.com'; +var USERNAME = 'admin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com'; var token = null; // authentication token function cleanup(done) { @@ -392,7 +392,7 @@ describe('Clients', function () { var USER_0 = { userId: uuid.v4(), username: 'someusername', - password: 'somepassword', + password: 'Strong#$%2345', email: 'some@email.com', admin: true, salt: 'somesalt', diff --git a/src/routes/test/cloudron-test.js b/src/routes/test/cloudron-test.js index 694be6921..9085e6436 100644 --- a/src/routes/test/cloudron-test.js +++ b/src/routes/test/cloudron-test.js @@ -18,7 +18,7 @@ var async = require('async'), var SERVER_URL = 'http://localhost:' + config.get('port'); -var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='silly@me.com'; +var USERNAME = 'admin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com'; var token = null; // authentication token var server; @@ -68,7 +68,7 @@ describe('Cloudron', function () { superagent.post(SERVER_URL + '/api/v1/cloudron/activate') .query({ setupToken: 'somesetuptoken' }) - .send({ username: 'someuser', password: 'somepassword', email: 'admin@foo.bar' }) + .send({ username: 'someuser', password: 'strong#A3asdf', email: 'admin@foo.bar' }) .end(function (error, result) { expect(result.statusCode).to.equal(500); expect(scope.isDone()).to.be.ok(); @@ -81,7 +81,7 @@ describe('Cloudron', function () { superagent.post(SERVER_URL + '/api/v1/cloudron/activate') .query({ setupToken: 'somesetuptoken' }) - .send({ username: '', password: 'somepassword', email: 'admin@foo.bar' }) + .send({ username: '', password: 'ADSFsdf$%436', email: 'admin@foo.bar' }) .end(function (error, result) { expect(result.statusCode).to.equal(400); expect(scope.isDone()).to.be.ok(); @@ -107,7 +107,7 @@ describe('Cloudron', function () { superagent.post(SERVER_URL + '/api/v1/cloudron/activate') .query({ setupToken: 'somesetuptoken' }) - .send({ username: 'someuser', password: 'somepassword', email: '' }) + .send({ username: 'someuser', password: 'ADSF#asd546', email: '' }) .end(function (error, result) { expect(result.statusCode).to.equal(400); expect(scope.isDone()).to.be.ok(); @@ -120,7 +120,7 @@ describe('Cloudron', function () { superagent.post(SERVER_URL + '/api/v1/cloudron/activate') .query({ setupToken: 'somesetuptoken' }) - .send({ username: 'someuser', password: '', email: 'admin@foo.bar', name: '' }) + .send({ username: 'someuser', password: 'ADSF?#asd546', email: 'admin@foo.bar', name: '' }) .end(function (error, result) { expect(result.statusCode).to.equal(400); expect(scope.isDone()).to.be.ok(); @@ -133,7 +133,7 @@ describe('Cloudron', function () { superagent.post(SERVER_URL + '/api/v1/cloudron/activate') .query({ setupToken: 'somesetuptoken' }) - .send({ username: 'someuser', password: 'somepassword', email: 'invalidemail' }) + .send({ username: 'someuser', password: 'ADSF#asd546', email: 'invalidemail' }) .end(function (error, result) { expect(result.statusCode).to.equal(400); expect(scope.isDone()).to.be.ok(); @@ -147,7 +147,7 @@ describe('Cloudron', function () { superagent.post(SERVER_URL + '/api/v1/cloudron/activate') .query({ setupToken: 'somesetuptoken' }) - .send({ username: 'someuser', password: 'somepassword', email: 'admin@foo.bar', name: 'tester' }) + .send({ username: 'someuser', password: 'ADSF#asd546', email: 'admin@foo.bar', name: 'tester' }) .end(function (error, result) { expect(result.statusCode).to.equal(201); expect(scope1.isDone()).to.be.ok(); @@ -161,7 +161,7 @@ describe('Cloudron', function () { superagent.post(SERVER_URL + '/api/v1/cloudron/activate') .query({ setupToken: 'somesetuptoken' }) - .send({ username: 'someuser', password: 'somepassword', email: 'admin@foo.bar' }) + .send({ username: 'someuser', password: 'ADSF#asd546', email: 'admin@foo.bar' }) .end(function (error, result) { expect(result.statusCode).to.equal(409); expect(scope.isDone()).to.be.ok(); diff --git a/src/routes/test/developer-test.js b/src/routes/test/developer-test.js index f230555c7..efbc4372d 100644 --- a/src/routes/test/developer-test.js +++ b/src/routes/test/developer-test.js @@ -17,7 +17,7 @@ var async = require('async'), var SERVER_URL = 'http://localhost:' + config.get('port'); -var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='silly@me.com'; +var USERNAME = 'admin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com'; var token = null; // authentication token var server; diff --git a/src/routes/test/oauth2-test.js b/src/routes/test/oauth2-test.js index b259bf41c..81b97936e 100644 --- a/src/routes/test/oauth2-test.js +++ b/src/routes/test/oauth2-test.js @@ -139,7 +139,7 @@ describe('OAuth2', function () { var USER_0 = { id: uuid.v4(), username: 'someusername', - password: 'somepassword', + password: '@#45Strongpassword', email: 'some@email.com', admin: true, salt: 'somesalt', @@ -1417,7 +1417,7 @@ describe('Password', function () { .get('/?accessToken=token&expiresAt=1234').reply(200, {}); superagent.post(SERVER_URL + '/api/v1/session/password/reset') - .send({ password: 'somepassword', resetToken: USER_0.resetToken }) + .send({ password: 'ASF23$%somepassword', resetToken: USER_0.resetToken }) .end(function (error, result) { expect(scope.isDone()).to.be.ok(); expect(result.statusCode).to.equal(200); diff --git a/src/routes/test/settings-test.js b/src/routes/test/settings-test.js index 9068c889c..d305027a7 100644 --- a/src/routes/test/settings-test.js +++ b/src/routes/test/settings-test.js @@ -22,7 +22,7 @@ var appdb = require('../../appdb.js'), var SERVER_URL = 'http://localhost:' + config.get('port'); -var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='silly@me.com'; +var USERNAME = 'admin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com'; var token = null; var server; diff --git a/src/routes/test/simpleauth-test.js b/src/routes/test/simpleauth-test.js index 162ea88d9..991e7d368 100644 --- a/src/routes/test/simpleauth-test.js +++ b/src/routes/test/simpleauth-test.js @@ -21,7 +21,7 @@ describe('SimpleAuth API', function () { var SERVER_URL = 'http://localhost:' + config.get('port'); var SIMPLE_AUTH_ORIGIN = 'http://localhost:' + config.get('simpleAuthPort'); - var USERNAME = 'admin', PASSWORD = 'password', EMAIL ='silly@me.com'; + var USERNAME = 'admin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com'; var APP_0 = { id: 'app0', diff --git a/src/routes/test/user-test.js b/src/routes/test/user-test.js index 6ce7d43fc..8c62f834e 100644 --- a/src/routes/test/user-test.js +++ b/src/routes/test/user-test.js @@ -18,7 +18,7 @@ var config = require('../../config.js'), var SERVER_URL = 'http://localhost:' + config.get('port'); -var USERNAME_0 = 'admin', PASSWORD = 'password', EMAIL = 'silly@me.com', EMAIL_0_NEW = 'stupid@me.com'; +var USERNAME_0 = 'admin', PASSWORD = 'Foobar?1337', EMAIL = 'silly@me.com', EMAIL_0_NEW = 'stupid@me.com'; var USERNAME_1 = 'userTheFirst', EMAIL_1 = 'tao@zen.mac'; var USERNAME_2 = 'userTheSecond', EMAIL_2 = 'user@foo.bar'; var USERNAME_3 = 'userTheThird', EMAIL_3 = 'user3@foo.bar'; @@ -553,7 +553,7 @@ describe('User API', function () { it('change password fails due to wrong password', function (done) { superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password') .query({ access_token: token }) - .send({ password: 'some wrong password', newPassword: 'newpassword' }) + .send({ password: 'some wrong password', newPassword: 'MOre#$%34' }) .end(function (err, res) { expect(res.statusCode).to.equal(403); done(); @@ -573,7 +573,7 @@ describe('User API', function () { it('change password succeeds', function (done) { superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/password') .query({ access_token: token }) - .send({ password: PASSWORD, newPassword: 'new_password' }) + .send({ password: PASSWORD, newPassword: 'MOre#$%34' }) .end(function (err, res) { expect(res.statusCode).to.equal(204); done();