Skip to main content

Changing Password Requirements with SailsJS and Passport

Cross post from my employer's development blog: http://rootinc.github.io/2016/03/16/pass-requirements-sails/

If you perform an installation of [Passport][passport] with [SailsJS][sails] using the [Sails Passport Auth Generator][sails-generate-auth] you get several files in your app already configured for you. If you then use passport-local, you will already have a complexity requirement on the password. It defaults to requiring 8 characters minimum, letters, numbers, and symbols.

What if you want to change this requirement? In the generated model file `Passport.js`, you should see a line that says `provider   : { type: 'alphanumericdashed' },` and `password    : { type: 'string', minLength: 6 }`. The minLength is an easy and obvious change. What about the complexity requirement though? This stumped me for a bit. There doesn’t seem to be any mention of these keywords or providers on the Passport official site, nor anything in the [Passport-local repository][passport-local]. I believe I found the answer, they appear to be ORM validations from Sails itself. You can find a list [here][validations].

For my project, I simply switched to `alphanumeric` and I no longer need symbols in my passwords. I suppose anything on the list linked above should work. I didn’t try it but I suppose you could even set it to `ipv6` and require that every user’s password be a valid ipv6 formatted address. Not sure I would recommend that though.

[passport]: http://passportjs.org/
[sails]: http://sailsjs.org/
[sails-generate-auth]: https://github.com/kasperisager/sails-generate-auth
[passport-local]: https://github.com/jaredhanson/passport-local
[validations]: http://sailsjs.org/documentation/concepts/models-and-orm/validations#/validation-rules

Comments

Laura Bush said…
I just wanted to say this is an elegantly composed article as we have seen here. I got some knowledge from your article and also it is a significant article for us. Thanks for sharing an article like this.Buy Real passports online USA
Weston Parker said…
I am very thankful to you that you have shared this information with us. I got some different kind of knowledge from your web page, and it is really helpful for everyone. Thanks for share it. fake id maker south carolina
Great work! I am totally impressed with your work. I got some amazing ideas from your article. Thanks and keep sharing. 482 visa
shopfastnotes said…
It is a proficient article that you have shared here about fake Australian drivers license online I got some unique and valuable information from your article. Thankful to you for sharing this article here.

Popular posts from this blog

Atari E3 2004 PAL digital press kit

Making note of some old swag. The Atari E3 2004 PAL digital press kit. See video for details.

Fancy FTP Deployment with Grunt

I recently dove into Grunt.js at work for automating our build process and I haven’t looked back. It’s an awesome tool with a plug-in for just about anything. I expected the usual would be there like JavaScript minification and concatenation, but I was surprised at a few others that I found, one being for FTP file deployment. Just shows how popular and community supported Grunt is. There are a few FTP plug-ins available for Grunt. I didn’t do an analysis of all of them but ran across grunt-ftp-push which seemed to do what I needed so I decided to try it out. A simple ftp-push setup to upload an entire project via FTP could look like this: grunt . initConfig ({ ftp_push : { all : { options : { host : 'example.com' , port : 21 , dest : '/project/path/' , username : 'user' , password : 'pass' }, expand : true , cwd : 'dist' , src : [ '**/*' ,