✅ – _mercury – 05-25 May 9

_mercury 🇵🇸 · 2024-05-09T05:25:11.521Z

what is wrong with that regex ?

_mercury 🇵🇸OP•2y ago

always i get the error although the password should be good

_mercury 🇵🇸OP•2y ago

_mercury 🇵🇸OP•2y ago

using mantine/form pkg

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

!val.match(/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d]{8,50}$/) yes edited it and i works ... hope no underlying quirks why not check the regex of password to save a request to the server ?

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

for non-malicious user what is the problem ?

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

for simplicity but i will improve it

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

for me

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

i am wrong so i will improve it u r right

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

i did it 8-50 chars

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

why ?

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

what if somebody send 10k chars of password ? it will consume the server

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

my server would be consumed

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

to hash this long string it will take long time to hash 10 k text

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

argon2 ok good to know but still not convinced Sorry why not giving stupid user the passeord should be like that ( upper -lower - ... etc ) ?

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

befofre sending invalid req will remove it also it is 250 varchar in postgres .. ithink enough ? right ?

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

will make it text for safety instead of varchar

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

i just save invalid req to the server this is the actual reqson and to give a hint

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

so how the user know how the password should be ?

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

what if somebody think that sara12345 is good

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

but that will send a request

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

and the server validation will refuse it is unsecure passsword and it will be rejected

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

i will add special chars

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

but how the user know that the server require Upper -lower- special char - digit ?

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

mmm Ok still do not understand why giving the user a hint there is no cost for that on the frontend saving an invalid req why this is pointless not all uses are aware of constraints

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

yes i am speaking about the constraints i am not doing it to make password secure I just prevent a req that the server for sure will refuse

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

i own it

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

Oh why ?

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

somebody could add password like aaaaaaaaaa i see gmail and others do not accept that

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

even it is a user fault Aaaaaaaaaaa1$ i told you i will accept the special chars

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

first time to listen to something like that tbh --with respect

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

do you know the principle ( security in depth )? as a paranoid , i will let it like that even poitless

Unknown User•2y ago

Message Not Public

Sign In & Join Server To View

_mercury 🇵🇸OP•2y ago

i respect your help

reactibot•2y ago

This question has an answer! Thank you for helping 😄 If you have a followup question, you may want to reply to this thread so other members know they're related. https://discord.com/channels/102860784329052160/565213527673929729/1237998786140442654

✅ – _mercury – 05-25 May 9

Did you find this page helpful?