Skip to content

Error when password is nil #633

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
LandonSchropp opened this issue Jul 12, 2021 · 1 comment
Open

Error when password is nil #633

LandonSchropp opened this issue Jul 12, 2021 · 1 comment

Comments

@LandonSchropp
Copy link
Contributor

LandonSchropp commented Jul 12, 2021
edited
Loading

If I set my password field to nil on my schema, and the current_password field to the current password, I get this error:

** (ArgumentError) argument error
      (argon2_elixir 2.4.0) Argon2.Base.hash_nif(8, 17, 4, nil, <<167, 52, 54, 240, 152, 27, 100, 149, 31, 169, 82, 113, 244, 32, 231, 88>>, 0, 32, 99, 2, 0)
      (argon2_elixir 2.4.0) lib/argon2/base.ex:110: Argon2.Base.hash_password/3
      (pow 1.0.24) lib/pow/ecto/schema/changeset.ex:251: Pow.Ecto.Schema.Changeset.maybe_put_password_hash/2
      (pow 1.0.24) lib/pow/ecto/schema/changeset.ex:88: Pow.Ecto.Schema.Changeset.new_password_changeset/3
      (chessercise 0.1.0) lib/chessercise/schemas/user_schema.ex:24: Chessercise.UserSchema.changeset/2
      (espec 1.8.3) lib/espec/let/let_impl.ex:12: ESpec.Let.Impl.let_eval/2
      spec/chessercise/schemas/user_schema_spec.exs:72: Chessercise.UserSchemaSpec.example_is_not_valid_rmpodqwjxfhcgizsbeyvnltauk/1
      (espec 1.8.3) lib/espec/example_runner.ex:86: ESpec.ExampleRunner.try_run/3

Here's what my schema looks like:

defmodule Chessercise.UserSchema do
  use Chessercise.Schema
  use Pow.Ecto.Schema, password_hash_methods: {&Argon2.hash_pwd_salt/1, &Argon2.verify_pass/2}
  import Ecto.Changeset
  import Pow.Ecto.Schema.Changeset, only: [new_password_changeset: 3]

  @primary_key {:id, :binary_id, autogenerate: true}
  @foreign_key_type :binary_id

  @minimum_password_length 6
  @minimum_password_score 3

  schema "users" do
    field :username, :string
    pow_user_fields()

    timestamps()
  end

  def changeset(user, attributes) do
    user
    |> pow_user_id_field_changeset(attributes)
    |> pow_current_password_changeset(attributes)
    |> new_password_changeset(attributes, @pow_config)
    |> cast(attributes, [:username])
    |> validate_required([:email, :password, :username])
    |> validate_length(:password, min: @minimum_password_length)
    |> validate_password
  end

  defp validate_password(changeset) do
    validate_change(changeset, :password, fn (:password, password) ->
      if ZXCVBN.zxcvbn(password).score < @minimum_password_score do
        [password: "is not strong enough"]
      else
        []
      end
    end)
  end
end

Here's the code that produces this error:

Chessercise.UserSchema.changeset(
  %Chessercise.UserSchema{
    email: "[email protected]",
    password: "a8f730fc-fbec-462e-bf75-89e20a404d5b",
    password_hash: "$argon2id$...",
    username: "Username2"
  },
  %{current_password: "a8f730fc-fbec-462e-bf75-89e20a404d5b", password: nil}
)

Shound Pow be handling this use case? Thanks!
@LandonSchropp
Copy link
Contributor Author

@danschultzer Bump.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@LandonSchropp