Change password through update, unclear error message #270
Labels: bug, good first issue, medium priority
Description: When a user tries to update a password that does not meet requirements (Password must be at least 8 characters long and contain at least one letter, one digit, and may include special characters @$!%*?&), the system should return a clear error message that explains the password requirements easily. However, the app displays a regular expression that is hard to understand.
Preconditions:
User is registered and the bearer token is obtained.
Steps to Reproduce:
1. Replace the token with valid data.
2. Execute the following CURL command to attempt to update the user password:

    curl --location --request PATCH 'http://0.0.0.0:8083/api/v1/users' \
      --header 'Content-Type: application/json' \
      --header 'Authorization: Bearer {token}' \
      --data '{
        "newPassword": "password",
        "oldPassword": "password12345"
      }'

3. Observe the response.
Expected Result:
The system should reject the "newPassword" containing only letters.
HTTP status code 400 (Bad Request) should be returned.
Error message should clearly state: { "message": "Password must be at least 8 characters long and contain at least one letter, one digit, and may include special characters @$!%*?&" }.
Actual Result:
The "newPassword" field is correctly rejected for not meeting the requirement.
HTTP status code - 400.
The error message provided is unclear and technical: "message": "[{ ErrorMessage: must match "^(?=.[A-Za-z])(?=.\d)[A-Za-z\d@$!%*?&]{8,}$" }]".
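
One way to produce the expected response, as an added example that is not the project's own code: each rule of the stated policy is checked separately, and the 400 body carries the policy sentence from the issue rather than the validator's pattern. The function names and the rule breakdown (ASCII letters and digits only) are assumptions made for illustration.

```python
import re

# Policy text as quoted in the issue's expected result.
POLICY_MESSAGE = (
    "Password must be at least 8 characters long and contain at least one "
    "letter, one digit, and may include special characters @$!%*?&"
)

# Assumed character set for the policy above. fullmatch() is used instead of
# "^...$" because "$" in Python also matches just before a trailing newline.
ALLOWED = re.compile(r"[A-Za-z0-9@$!%*?&]*")

# (label, check) pairs: hypothetical breakdown of the policy into single rules.
RULES = [
    ("at least 8 characters", lambda p: len(p) >= 8),
    ("at least one letter", lambda p: re.search(r"[A-Za-z]", p) is not None),
    ("at least one digit", lambda p: re.search(r"[0-9]", p) is not None),
    ("only letters, digits and @$!%*?&",
     lambda p: ALLOWED.fullmatch(p) is not None),
]


def failed_rules(password):
    """Return the labels of every rule the candidate password breaks."""
    return [label for label, check in RULES if not check(password)]


def password_error_response(new_password):
    """Return None if the password is acceptable, else (status, body).

    The body holds only the readable policy text: no regular expression
    and no echo of the submitted password.
    """
    if not failed_rules(new_password):
        return None
    return 400, {"message": POLICY_MESSAGE}


if __name__ == "__main__":
    # Constructed sample inputs; the first two come from the curl command above.
    for candidate in ["password", "password12345", "a1", "password1\n"]:
        print(repr(candidate), failed_rules(candidate),
              password_error_response(candidate))
```

The labels from `failed_rules` are suited to server-side logs or tests; the client only receives the policy sentence.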