Changing Password Requirements with SailsJS and Passport

Cross post from my employer's development blog: http://rootinc.github.io/2016/03/16/pass-requirements-sails/

If you perform an installation of [Passport][passport] with [SailsJS][sails] using the [Sails Passport Auth Generator][sails-generate-auth] you get several files in your app already configured for you. If you then use passport-local, you will already have a complexity requirement on the password. It defaults to requiring 8 characters minimum, letters, numbers, and symbols.

What if you want to change this requirement? In the generated model file `Passport.js`, you should see a line that says `provider   : { type: 'alphanumericdashed' },` and `password    : { type: 'string', minLength: 6 }`. The minLength is an easy and obvious change. What about the complexity requirement though? This stumped me for a bit. There doesn’t seem to be any mention of these keywords or providers on the Passport official site, nor anything in the [Passport-local repository][passport-local]. I believe I found the answer, they appear to be ORM validations from Sails itself. You can find a list [here][validations].

For my project, I simply switched to `alphanumeric` and I no longer need symbols in my passwords. I suppose anything on the list linked above should work. I didn’t try it but I suppose you could even set it to `ipv6` and require that every user’s password be a valid ipv6 formatted address. Not sure I would recommend that though.

[passport]: http://passportjs.org/
[sails]: http://sailsjs.org/
[sails-generate-auth]: https://github.com/kasperisager/sails-generate-auth
[passport-local]: https://github.com/jaredhanson/passport-local
[validations]: http://sailsjs.org/documentation/concepts/models-and-orm/validations#/validation-rules

Comments

Laura Bush said…
I just wanted to say this is an elegantly composed article as we have seen here. I got some knowledge from your article and also it is a significant article for us. Thanks for sharing an article like this.Buy Real passports online USA
Anonymous said…
I am very thankful to you that you have shared this information with us. I got some different kind of knowledge from your web page, and it is really helpful for everyone. Thanks for share it. fake id maker south carolina
Great work! I am totally impressed with your work. I got some amazing ideas from your article. Thanks and keep sharing. 482 visa
shopfastnotes said…
It is a proficient article that you have shared here about fake Australian drivers license online I got some unique and valuable information from your article. Thankful to you for sharing this article here.
The information you've provided is quite useful. It's incredibly instructional because it provides some of the most useful information. Thank you for sharing about hassle free Russian Passport Renewal service in this blog.
Danny said…
The directions, anticipated deadlines, and pricing schedules are all included in these forms. It's also essential to remember that costs can significantly be based on the service, visa type, and timeframe. Emergency passport