fix: validates password and confirm password on the server (#7410)

Fixes https://github.com/payloadcms/payload/issues/7380 Adjusts how the password/confirm-password fields are validated. Moves validation to the server, adds them to a custom schema under the schema path `${collectionSlug}.auth` for auth enabled collections.
2024-07-31 14:55:08 -04:00
parent 3d89508ce3
commit 290ffd3287
26 changed files with 430 additions and 209 deletions
--- a/test/collections-graphql/int.spec.ts
+++ b/test/collections-graphql/int.spec.ts
@@ -3,6 +3,7 @@ import type { Payload } from 'payload'
 import { fileURLToPath } from 'node:url'
 import path from 'path'
 import { getFileByPath, mapAsync } from 'payload'
+import { wait } from 'payload/shared'

 import type { NextRESTClient } from '../helpers/NextRESTClient.js'
 import type { Post } from './payload-types.js'
@@ -634,17 +635,16 @@ describe('collections-graphql', () => {

          it('should sort find results by nearest distance', async () => {
            // creating twice as many records as we are querying to get a random sample
-            await mapAsync([...Array(10)], () => {
-              // setTimeout used to randomize the creation timestamp
-              setTimeout(async () => {
-                await payload.create({
-                  collection: pointSlug,
-                  data: {
-                    // only randomize longitude to make distance comparison easy
-                    point: [Math.random(), 0],
-                  },
-                })
-              }, Math.random())
+            await mapAsync([...Array(10)], async () => {
+              // randomize the creation timestamp
+              await wait(Math.random())
+              await payload.create({
+                collection: pointSlug,
+                data: {
+                  // only randomize longitude to make distance comparison easy
+                  point: [Math.random(), 0],
+                },
+              })
            })

            const nearQuery = `
@@ -1185,7 +1185,7 @@ describe('collections-graphql', () => {
      expect(errors[0].message).toEqual('The following field is invalid: password')
      expect(errors[0].path[0]).toEqual('test2')
      expect(errors[0].extensions.name).toEqual('ValidationError')
-      expect(errors[0].extensions.data.errors[0].message).toEqual('No password was given')
+      expect(errors[0].extensions.data.errors[0].message).toEqual('This field is required.')
      expect(errors[0].extensions.data.errors[0].field).toEqual('password')

      expect(Array.isArray(errors[1].locations)).toEqual(true)