Mentorship-android: Bug : Login Activity Bug (Password with spaces)

Created on 25 Oct 2020  路  10Comments  路  Source: anitab-org/mentorship-android

Describe the bug
A clear and concise description of what the bug is.

When a user submits a password that has leading or trailing spaces it is still accepted, whereas we trim the password in the login activity so it would be impossible for a user to sign if they have leading/trailing spaces.

To Reproduce
Steps to reproduce the behavior:

  1. Go to sign up for fill in details. Fill in a password with leading/ trailing spaces like " Pass word!!1 " without the quotes ("")
  2. Complete sign up
  3. Go to login and attempt to login in with the password mentioned before.
  4. See error

Expected behavior
A clear and concise description of what you expected to happen.

Expected behavior needs to be discussed here as possible expected behaviors

  • Ask user to re-enter password in sign in screen if it contains trailing or leading spaces
  • Do not trim Password in login activity so that user will be able to login
  • Trim password without asking user in signup activity (not recommended)

Smartphone (please complete the following information):

  • Device: Moto
  • OS: Android 7

Additional context
Add any other context about the problem here.

This can only be observed with new accounts as the change password endpoint does not allow spaces in new password.

This could also be a backend issue. (Can't find such any active issue related to this on the backend repo either)

Bug Question
Source
picture epicadk

All 10 comments

Can I work on this issue @isabelcosta ?

Priyansh-Kedia picture Priyansh-Kedia on 26 Oct 2020

Can I work on this issue @isabelcosta ?

We will need to decide what needs to be done first and I was actually hoping I could work on this. 馃槄

epicadk picture epicadk on 27 Oct 2020

is it open??
if it is can I work on it??

priyanka0906 picture priyanka0906 on 16 Dec 2020

Sir can I resolve this issue? @epicadk

aakarshvats638 picture aakarshvats638 on 20 Dec 2020

@priyanka0906 @aakarshvats638 please mention this issue on zulip and once it's approved I'm sure you will be assigned. 馃槉

epicadk picture epicadk on 20 Dec 2020

@Priyansh-Kedia this issue can be assigned to you but did you discuss about this issue with the admin what's expected behaviour?

aditmehta9 picture aditmehta9 on 20 Dec 2020

@epicadk thank you for creating this issue :) 馃憦 馃帀
This is valid, however, we should take a look at what are the rules used to validate the password format, and use that same rules while validating this on the frontend android. Could someone take a look at how this is done on the backend?

isabelcosta picture isabelcosta on 20 Dec 2020
👍1

@isabelcosta I had raised this issue on the backend repo and it has been merged.

epicadk picture epicadk on 21 Dec 2020
👍1

@epicadk ok so now Android app should respond with an error message if someone tries to put an empty password right? Now we can also add a check on the frontend, to avoid sending the request to the server if we detect the password is invalid (according to same rules in backend)

isabelcosta picture isabelcosta on 22 Dec 2020

@epicadk ok so now Android app should respond with an error message if someone tries to put an empty password right? Now we can also add a check on the frontend, to avoid sending the request to the server if we detect the password is invalid (according to same rules in backend)

Hmm yes I agree I'll modify the issue

epicadk picture epicadk on 22 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

devanshi7799 picture devanshi7799  路  8Comments
jddeep picture jddeep  路  6Comments
vaishnavi-29 picture vaishnavi-29  路  3Comments
Priyansh-Kedia picture Priyansh-Kedia  路  6Comments
isabelcosta picture isabelcosta  路  4Comments