feat: Improved password security policy (#2345)

Co-authored-by: Pranav Raj S <pranav@chatwoot.com>
2021-06-07 17:26:08 +05:30
parent d1b3c7b0c2
commit 467b45b427
36 changed files with 284 additions and 151 deletions
--- a/spec/controllers/devise/session_controller_spec.rb
+++ b/spec/controllers/devise/session_controller_spec.rb
@@ -17,10 +17,10 @@ RSpec.describe 'Session', type: :request do
    end

    context 'when it is valid credentials' do
-      let!(:user) { create(:user, password: 'test1234', account: account) }
+      let!(:user) { create(:user, password: 'Password1!', account: account) }

      it 'returns successful auth response' do
-        params = { email: user.email, password: 'test1234' }
+        params = { email: user.email, password: 'Password1!' }

        post new_user_session_url,
             params: params,
@@ -32,7 +32,7 @@ RSpec.describe 'Session', type: :request do
    end

    context 'when it is invalid sso auth token' do
-      let!(:user) { create(:user, password: 'test1234', account: account) }
+      let!(:user) { create(:user, password: 'Password1!', account: account) }

      it 'returns unauthorized' do
        params = { email: user.email, sso_auth_token: SecureRandom.hex(32) }
@@ -46,7 +46,7 @@ RSpec.describe 'Session', type: :request do
    end

    context 'when with valid sso auth token' do
-      let!(:user) { create(:user, password: 'test1234', account: account) }
+      let!(:user) { create(:user, password: 'Password1!', account: account) }

      it 'returns successful auth response' do
        params = { email: user.email, sso_auth_token: user.generate_sso_auth_token }