Login Auth error message incorrect

Perhaps a bit of an edge case, but also a real one:
1. User attempts to sign in with wrong password
2. The password they're using doesn't meet the password criteria
3. Xano response: "WEAK PASSWORD DETECTED. PLEASE USE AT LEAST 1 NUMBERS."

Expected behavior in #3: "Incorrect Password" message, regardless of whether or not the password meets the "Signup" password criteria.

Is this a bug or a feature? If the latter, how can I change this?

Comments

  • Michael Udinski
    Michael Udinski Administrator
    Hey Josh - You could set a precondition before the Check Password to check for the same criteria and throw an incorrect password error if the criteria is not met. That's probably the workaround for now.

    Also FYI, the password criteria is fully customizable from the schema settings of the password field. You can change the defaults, remove them altogether, or add additional criteria. 
  • Josh Chambers
    Josh Chambers Member
    Thanks. I actually have a precondition in there, but it's after Check Password. Let me make sure I understand your suggestion:

    Add a precondition that checks if the password requirements are met (Using regex, perhaps?), and if they're not, throw an error. If they are, _then_ check if the password is correct. 

    And yeah, I was considering just turning off password criteria for now, but that's not ideal. 

    Thanks!
  • Facundo Lucci
    Facundo Lucci Member
    Hey
    I was just coming here to report an issue related to this.
    I created a new password field on a new table for a 4 digit pin. So I set the filters to max 4, min 4 digits. Which was fine, but then I got an error on my other password fields in other tables. It’s as if the new filters applied to all password fields in my database.
  • Michael Udinski
    Michael Udinski Administrator
     I can't re-create this so far. How many password data type fields are you using per table?
  • Facundo Lucci
    Facundo Lucci Member
    Both “phone” table and “customer” table only have one password field type.
  • Michael Udinski
    Michael Udinski Administrator
     If it's okay with you, can you please write me through our support chat with example inputs that I could use to run the endpoint and trigger the error?
  • Sean Montgomery
    Sean Montgomery Administrator
    This is a bug. This will be fixed in this week's release.

    It should always just say invalid credentials.
  • Sean Montgomery
    Sean Montgomery Administrator
     this is now fixed.
  • Michael Udinski
    Michael Udinski Administrator
     your issue is also now fixed.
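
The behaviour discussed in this thread, as an added Python example (not Xano code and not written by any poster): signup reports which password criterion failed, while login returns one generic message whether the account is unknown, the password is wrong, or the password fails the signup criteria. The policy rules, function names and in-memory user store are assumptions made for illustration.

```python
import hashlib, hmac, os, re

# Assumed signup-time criteria: at least 8 characters and at least 1 number.
POLICY = [(r".{8,}", "Use at least 8 characters."), (r"\d", "Use at least 1 number.")]
GENERIC_ERROR = "Invalid credentials."

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

USERS = {}  # email -> (salt, hash); constructed in-memory store for the example
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = _hash("placeholder", _DUMMY_SALT)

def signup(email, password):
    """Policy feedback belongs here: the caller is choosing a new password."""
    for pattern, message in POLICY:
        if not re.search(pattern, password):
            return False, message
    salt = os.urandom(16)
    USERS[email] = (salt, _hash(password, salt))
    return True, "Account created."

def login_leaky(email, password):
    """Behaviour reported in the thread: criteria are applied to login input."""
    for pattern, message in POLICY:
        if not re.search(pattern, password):
            return False, message  # tells an unauthenticated caller the policy
    return login(email, password)

def login(email, password):
    """One message for unknown user, wrong password and policy-failing password."""
    salt, stored = USERS.get(email, (_DUMMY_SALT, _DUMMY_HASH))
    candidate = _hash(password, salt)  # always hash, so unknown users cost the same
    ok = hmac.compare_digest(candidate, stored) and email in USERS
    return (True, "Logged in.") if ok else (False, GENERIC_ERROR)
```
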