[8.x] Add UncompromisedVerifier facade and UncompromisedVerifierFake #37446
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Hey there - check out the example here: https://laravel.com/docs/8.x/validation#defining-default-password-rules It shows how to disable this check in certain environments:
|
|
Oh, I did not see that new feature coming through. It is a way better solution, more flexible and more useful! Thanks for letting me know! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The NotPwnedVerifier makes HTTP request every time the
uncompromised()feature of the Password rule is being used. This might be an undesirable behaviour in some environment, especially in local or testing environment. When the new Password rule was first introduced, some were wondering if there was an easy way to mock theuncompromised()feature.This PR add the UncompromisedVerifier facade and the UncompromisedVerifierFake, a fake implementation of the UncompromisedVerifier contract. With a facade, we can easily reuse the fake mechanism to swap the instance for the fake one.
While this solution address the initial problem, I'm not sure that this is the right way to go. I'm curious to know if you would think of a better approach and I would gladly implement a different solution.