From ed5b7559ec36db3d2346f7d96e2bf6c90bf07cfc Mon Sep 17 00:00:00 2001
From: Dane Everitt <dane@daneeveritt.com>
Date: Thu, 1 Dec 2016 19:16:40 -0500
Subject: [PATCH] Fixes potential for generated password to not meet own
 validation requirements

---
 CHANGELOG.md                                  |  3 +++
 app/Http/Controllers/Base/IndexController.php | 11 ++++++++++-
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 32a436a48..43bce8284 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -12,6 +12,9 @@ This project follows [Semantic Versioning](http://semver.org) guidelines.
 * File uploads now account for a maximum file size that is assigned for the daemon, and gives cleaner errors when that limit is reached.
 * File upload limit can now be controlled from the panel.
 
+### Fixed
+* Fixes potential for generated password to not meet own validation requirements.
+
 ## v0.5.3 (Bodacious Boreopterus)
 ### Fixed
 * Fixed an error that occurred when viewing a node listing when no nodes were created yet due to a mis-declared variable. Also fixes a bug that would have all nodes trying to connect to the daemon using the same secret token on the node listing, causing only the last node to display properly.
diff --git a/app/Http/Controllers/Base/IndexController.php b/app/Http/Controllers/Base/IndexController.php
index bed1cb988..5631dc137 100644
--- a/app/Http/Controllers/Base/IndexController.php
+++ b/app/Http/Controllers/Base/IndexController.php
@@ -62,7 +62,16 @@ class IndexController extends Controller
     public function getPassword(Request $request, $length = 16)
     {
         $length = ($length < 8) ? 8 : $length;
-        return str_random($length);
+
+        $returnable = false;
+        while (!$returnable) {
+            $generated = str_random($length);
+            if (preg_match('/[A-Z]+[a-z]+[0-9]+/', $generated)) {
+                $returnable = true;
+            }
+        }
+
+        return $generated;
     }
 
 }