feat: Improved password security policy (#2345)

Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2021-06-07 17:26:08 +05:30
parent d1b3c7b0c2
commit 467b45b427
36 changed files with 284 additions and 151 deletions
--- a/app/builders/account_builder.rb
+++ b/app/builders/account_builder.rb
@@ -2,7 +2,7 @@

 class AccountBuilder
  include CustomExceptions::Account
-  pattr_initialize [:account_name!, :email!, :confirmed!, :user, :user_full_name, :user_password]
+  pattr_initialize [:account_name!, :email!, :confirmed, :user, :user_full_name, :user_password]

  def perform
    if @user.nil?
@@ -61,11 +61,9 @@ class AccountBuilder
  end

  def create_user
-    password = user_password || SecureRandom.alphanumeric(12)
-
    @user = User.new(email: @email,
-                     password: password,
-                     password_confirmation: password,
+                     password: user_password,
+                     password_confirmation: user_password,
                     name: @user_full_name)
    @user.confirm if @confirmed
    @user.save!