From 97f5dcaf8c408a68ef0062d410b6c1599976688f Mon Sep 17 00:00:00 2001 From: Dave Date: Wed, 6 Nov 2019 15:25:39 +1100 Subject: [PATCH] Strip password before length check (#1155) * Strip password before length check * Pin black to an older version --- .travis.yml | 2 +- CTFd/auth.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index 63bbcec..0da59c1 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,7 +25,7 @@ before_install: - sudo rm -f /etc/boto.cfg - export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE - export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY - - python3.6 -m pip install black>=19.3b0 + - python3.6 -m pip install black==19.3b0 install: - pip install -r development.txt - yarn global add prettier@1.17.0 diff --git a/CTFd/auth.py b/CTFd/auth.py index c937031..bc4eed9 100644 --- a/CTFd/auth.py +++ b/CTFd/auth.py @@ -170,7 +170,7 @@ def register(): .filter_by(email=email_address) .first() ) - pass_short = len(password) == 0 + pass_short = len(password.strip()) == 0 pass_long = len(password) > 128 valid_email = validators.validate_email(request.form["email"]) team_name_email_check = validators.validate_email(name)