chore: sonar

api/src/controllers/login.js

@@ -21,10 +21,12 @@ const serverUtils = require('../server-utils');
 const PASSWORD_RESET_URL = '/medic/password-reset';
 
 const ERROR_KEY_MAPPING = {
-  'password.weak': 'strength-low',
-  'password.length.minimum': 'input-short',
-  'password.current.incorrect': 'auth-incorrect',
-  'password.same': 'duplicate'
+  // Ignore Sonar false positive that these are hard-coded credentials.
+  // These are css error classes for password reset html
+  'password.weak': 'password-weak', //NoSONAR
+  'password.length.minimum': 'password-short', //NoSONAR
+  'password.current.incorrect': 'current-password-incorrect', //NoSONAR
+  'password.same': 'password-same', //NoSONAR
 };
 
 const templates = {

api/src/public/login/password-reset.js

@@ -23,7 +23,7 @@ const displayPasswordValidationError = (serverResponse) => {
   const { error, params } = JSON.parse(serverResponse);
   setState(error);
 
-  const passwordError = document.querySelector('.error.input-short');
+  const passwordError = document.querySelector('.error.password-short');
   if (params?.minimum && passwordError) {
     passwordError.setAttribute('translate-values', JSON.stringify(params));
     baseTranslate(selectedLocale, translations);

api/src/public/login/style.css

@@ -102,12 +102,12 @@ form {
 .tokentimeout .error.timeout,
 .tokenexpired .error.expired,
 .tokenerror .error.unknown,
-.strength-low .error.strength-low,
-.input-short .error.input-short,
+.password-weak .error.password-weak,
+.password-short .error.password-short,
 .password-mismatch .error.password-mismatch,
 .password-required .error.password-required,
-.duplicate .error.duplicate,
-.auth-incorrect .error.auth-incorrect
+.password-same .error.password-same,
+.current-password-incorrect .error.current-password-incorrect
 {
   display: block;
 }

api/src/templates/login/password-reset.html

@@ -40,11 +40,11 @@
       <input id="confirm-password" name="confirm-password" type="password"/>
     </div>
 
-    <p class="error auth-incorrect" translate="password.current.incorrect"></p>
-    <p class="error duplicate" translate="password.same"></p>
+    <p class="error current-password-incorrect" translate="password.current.incorrect"></p>
+    <p class="error password-same" translate="password.same"></p>
     <p class="error password-mismatch" translate="password.must.match"></p>
-    <p class="error strength-low" translate="password.weak"></p>
-    <p class="error input-short" translate="password.length.minimum" translate-values=""></p>
+    <p class="error password-weak" translate="password.weak"></p>
+    <p class="error password-short" translate="password.length.minimum" translate-values=""></p>
 
     <button id="update-password" class="btn" translate="change.password.submit"></button>
     <div class="loader"></div>

tests/e2e/default/login/login-logout.wdio-spec.js

@@ -201,7 +201,7 @@ describe('Login page functionality tests', () => {
       await loginPage.setPasswordValue('');
       await loginPage.setConfirmPasswordValue('');
       await (await loginPage.updatePasswordButton()).click();
-      expect(await loginPage.getPasswordResetErrorMessage('input-short')).to.equal(PASSWORD_MISSING);
+      expect(await loginPage.getPasswordResetErrorMessage('password-short')).to.equal(PASSWORD_MISSING);
     });
 
     it('should try to reset password and verify confirm password is missing', async () => {
@@ -223,7 +223,7 @@ describe('Login page functionality tests', () => {
       await loginPage.setPasswordValue('12345678');
       await loginPage.setConfirmPasswordValue('12345678');
       await (await loginPage.updatePasswordButton()).click();
-      expect(await loginPage.getPasswordResetErrorMessage('strength-low')).to.equal(PASSWORD_WEAK);
+      expect(await loginPage.getPasswordResetErrorMessage('password-weak')).to.equal(PASSWORD_WEAK);
     });
 
     it('should try to reset password and verify current password is not correct', async () => {
@@ -235,7 +235,7 @@ describe('Login page functionality tests', () => {
       await loginPage.setPasswordValue(user.password);
       await loginPage.setConfirmPasswordValue(user.password);
       await (await loginPage.updatePasswordButton()).click();
-      expect(await loginPage.getPasswordResetErrorMessage('auth-incorrect')).to.equal(
+      expect(await loginPage.getPasswordResetErrorMessage('current-password-incorrect')).to.equal(
         CURRENT_PASSWORD_INCORRECT
       );
     });
@@ -249,7 +249,7 @@ describe('Login page functionality tests', () => {
       await loginPage.setPasswordValue(user.password);
       await loginPage.setConfirmPasswordValue(user.password);
       await (await loginPage.updatePasswordButton()).click();
-      expect(await loginPage.getPasswordResetErrorMessage('duplicate')).to.equal(PASSWORD_SAME);
+      expect(await loginPage.getPasswordResetErrorMessage('password-same')).to.equal(PASSWORD_SAME);
     });
 
     it('should reset password successfully and redirect to webapp', async () => {

tests/e2e/default/transitions/create-user-for-contacts.replace-user.wdio-spec.js

@@ -802,7 +802,7 @@ describe('Create user for contacts', () => {
       const updatedOriginalContact = await utils.getDoc(originalContactId);
       expect(updatedOriginalContact.user_for_contact).to.be.undefined;
       // Can still login as original user
-      const resp1 = await submitLoginRequest({ username : ONLINE_USER.username, password: newPassword });
+      const resp1 = await submitLoginRequest({ username: ONLINE_USER.username, password: newPassword });
       expect(resp1.statusCode).to.equal(302);
       // New user not created
       const newUserSettings = await utils.getUserSettings({ contactId: replacementContactId });