From 82be4f0b4729be870ccefdae99a04833f134aa6a Mon Sep 17 00:00:00 2001
From: Bozhidar Slaveykov <bobi@microweber.com>
Date: Mon, 21 Mar 2022 14:43:49 +0200
Subject: [PATCH] max 500 chars on password

---
 .../User/Http/Controllers/UserForgotPasswordController.php      | 2 +-
 src/MicroweberPackages/User/Http/Requests/RegisterRequest.php   | 2 +-
 src/MicroweberPackages/User/Http/Requests/UserCreateRequest.php | 1 +
 src/MicroweberPackages/User/Http/Requests/UserUpdateRequest.php | 1 +
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/MicroweberPackages/User/Http/Controllers/UserForgotPasswordController.php b/src/MicroweberPackages/User/Http/Controllers/UserForgotPasswordController.php
index 92e815bf1ca..8d130edb995 100644
--- a/src/MicroweberPackages/User/Http/Controllers/UserForgotPasswordController.php
+++ b/src/MicroweberPackages/User/Http/Controllers/UserForgotPasswordController.php
@@ -143,7 +143,7 @@ public function update(Request $request)
         $request->validate([
             'token' => 'required',
             'email' => 'required|email',
-            'password' => 'required|min:1|confirmed',
+            'password' => 'required|min:1|confirmed|max:500',
         ]);
 
         $tokenMd5 = \MicroweberPackages\User\Models\PasswordReset::where('email', $request->get('email'))
diff --git a/src/MicroweberPackages/User/Http/Requests/RegisterRequest.php b/src/MicroweberPackages/User/Http/Requests/RegisterRequest.php
index 94c49ce3b1f..5fdd8dcc5d6 100644
--- a/src/MicroweberPackages/User/Http/Requests/RegisterRequest.php
+++ b/src/MicroweberPackages/User/Http/Requests/RegisterRequest.php
@@ -83,7 +83,7 @@ public function rules()
                 $rules['terms'] = $rules['terms'] . ', terms_newsletter';
             }
         }
-        $rules['password'] = 'required|min:1';
+        $rules['password'] = 'required|min:1|max:500';
 
 
         return $rules;
diff --git a/src/MicroweberPackages/User/Http/Requests/UserCreateRequest.php b/src/MicroweberPackages/User/Http/Requests/UserCreateRequest.php
index 529ab66c4c2..d74a4dde1d2 100644
--- a/src/MicroweberPackages/User/Http/Requests/UserCreateRequest.php
+++ b/src/MicroweberPackages/User/Http/Requests/UserCreateRequest.php
@@ -14,6 +14,7 @@ class UserCreateRequest extends FormRequest
     public function rules()
     {
         $rules = [
+             'password'=>'max:500',
              'first_name'=>'max:500',
              'last_name'=>'max:500',
              'phone'=>'max:500',
diff --git a/src/MicroweberPackages/User/Http/Requests/UserUpdateRequest.php b/src/MicroweberPackages/User/Http/Requests/UserUpdateRequest.php
index d189305fee5..c34b0148c26 100644
--- a/src/MicroweberPackages/User/Http/Requests/UserUpdateRequest.php
+++ b/src/MicroweberPackages/User/Http/Requests/UserUpdateRequest.php
@@ -19,6 +19,7 @@ public function rules()
         $ignore = Rule::unique('users')->ignore($this->id ?? 0, 'id');
 
         return [
+            'password'=>'max:500',
             'first_name'=>'max:500',
             'last_name'=>'max:500',
             'phone'=>'max:500',