Skip to main content

Changing Password Requirements with SailsJS and Passport

Cross post from my employer's development blog: http://rootinc.github.io/2016/03/16/pass-requirements-sails/

If you perform an installation of [Passport][passport] with [SailsJS][sails] using the [Sails Passport Auth Generator][sails-generate-auth] you get several files in your app already configured for you. If you then use passport-local, you will already have a complexity requirement on the password. It defaults to requiring 8 characters minimum, letters, numbers, and symbols.

What if you want to change this requirement? In the generated model file `Passport.js`, you should see a line that says `provider   : { type: 'alphanumericdashed' },` and `password    : { type: 'string', minLength: 6 }`. The minLength is an easy and obvious change. What about the complexity requirement though? This stumped me for a bit. There doesn’t seem to be any mention of these keywords or providers on the Passport official site, nor anything in the [Passport-local repository][passport-local]. I believe I found the answer, they appear to be ORM validations from Sails itself. You can find a list [here][validations].

For my project, I simply switched to `alphanumeric` and I no longer need symbols in my passwords. I suppose anything on the list linked above should work. I didn’t try it but I suppose you could even set it to `ipv6` and require that every user’s password be a valid ipv6 formatted address. Not sure I would recommend that though.

[passport]: http://passportjs.org/
[sails]: http://sailsjs.org/
[sails-generate-auth]: https://github.com/kasperisager/sails-generate-auth
[passport-local]: https://github.com/jaredhanson/passport-local
[validations]: http://sailsjs.org/documentation/concepts/models-and-orm/validations#/validation-rules

Comments

Olivia bush said…
I just wanted to say this is an elegantly composed article as we have seen here. I got some knowledge from your article and also it is a significant article for us. Thanks for sharing an article like this.Buy Real passports online USA

Popular posts from this blog

Fancy FTP Deployment with Grunt

I recently dove into Grunt.js at work for automating our build process and I haven’t looked back. It’s an awesome tool with a plug-in for just about anything. I expected the usual would be there like JavaScript minification and concatenation, but I was surprised at a few others that I found, one being for FTP file deployment. Just shows how popular and community supported Grunt is. There are a few FTP plug-ins available for Grunt. I didn’t do an analysis of all of them but ran across grunt-ftp-push which seemed to do what I needed so I decided to try it out. A simple ftp-push setup to upload an entire project via FTP could look like this: grunt . initConfig ({ ftp_push : { all : { options : { host : 'example.com' , port : 21 , dest : '/project/path/' , username : 'user' , password : 'pass' }, expand : true , cwd : 'dist' , src : [ '**/*' ,

Atari E3 2004 PAL digital press kit

Making note of some old swag. The Atari E3 2004 PAL digital press kit. See video for details.