Validate password on reset according to rules (pterodactyl#158)

* move password rules to Models\User::PASSWORD_RULES

* validate new password according to rules on password reset

* add password requirements info to auth.passwords.reset view

Author: schrej

app/Http/Controllers/Auth/ResetPasswordController.php

@@ -31,4 +31,12 @@ public function __construct()
     {
         $this->middleware('guest');
     }
+
+
+    protected function rules() {
+        return [
+            'token' => 'required', 'email' => 'required|email',
+            'password' => 'required|confirmed|' . User::PASSWORD_RULES,
+        ];
+    }
 }

app/Http/Controllers/Base/AccountController.php

@@ -84,7 +84,7 @@ public function password(Request $request)
 
         $this->validate($request, [
             'current_password' => 'required',
-            'new_password' => 'required|confirmed|different:current_password|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})',
+            'new_password' => 'required|confirmed|different:current_password|' . Models\User::PASSWORD_RULES,
             'new_password_confirmation' => 'required'
         ]);
 

app/Models/User.php

@@ -76,6 +76,13 @@ class User extends Model implements AuthenticatableContract,
      */
     protected $hidden = ['password', 'remember_token', 'totp_secret'];
 
+    /**
+    * The rules for user passwords
+    * 
+    * @var string
+    */
+    const PASSWORD_RULES = 'min:8|regex:((?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,})';
+
     public function permissions()
     {
         return $this->hasMany(Permission::class);

resources/views/auth/passwords/reset.blade.php

@@ -55,6 +55,7 @@
                             <strong>{{ $errors->first('password') }}</strong>
                         </span>
                     @endif
+                    <p class="text-muted"><small>{{ trans('base.password_req') }}</small></p>
                 </div>
             </div>
             <div class="form-group">