Merge pull request #1105 from yogeshojha/1079-disallow-empty-password

1079 disallow empty password
yogeshojha · Dec 5, 2023 · 5cc63b1 · 5cc63b1
2 parents e9771c5 + 26d9c23
commit 5cc63b1
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 2 deletions.
diff --git a/web/dashboard/templates/dashboard/admin.html b/web/dashboard/templates/dashboard/admin.html
@@ -279,6 +279,13 @@ <h4>Users</h4>
           var create_username = document.getElementById('create_username').value;
           var role_selected = document.getElementById('create_user_role').value;
           var create_password = document.getElementById('create_password').value;
+          if (!create_password) {
+            Swal.fire({
+              title: "Oops! Passwords can't be empty!",
+              icon: 'error',
+            })
+            return
+          }
           const data = {
             'username': create_username,
             'role': role_selected,

diff --git a/web/dashboard/views.py b/web/dashboard/views.py
@@ -220,8 +220,8 @@ def admin_interface_update(request, slug):
             try:
                 user.delete()
                 messages.add_message(
-                request,
-                messages.INFO,
+                    request,
+                    messages.INFO,
                     f'User {user.username} successfully deleted.'
                 )
                 messageData = {'status': True}
@@ -245,6 +245,9 @@ def admin_interface_update(request, slug):
         elif mode == 'create':
             try:
                 response = json.loads(request.body)
+                if not response.get('password'):
+                    messageData = {'status': False, 'error': 'Empty passwords are not allowed'}
+                    return JsonResponse(messageData)
                 UserModel = get_user_model()
                 user = UserModel.objects.create_user(
                     username=response.get('username'),