Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add minimum password length and password requirements config #2885

Merged
merged 10 commits into from
Nov 28, 2024
Merged

feat: add minimum password length and password requirements config #2885

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
69f066a
feat: add minimal password length and password requirements config
silentworks Nov 15, 2024
260897a
Update auth config body
silentworks Nov 15, 2024
0030a06
fix: change password requirements to a map
silentworks Nov 26, 2024
30ba941
tests: update config and diff files
silentworks Nov 26, 2024
bba74fb
Merge branch 'develop' into silentworks/add-min-password-and-requirem…
silentworks Nov 26, 2024
8036aef
update diffs for tests
silentworks Nov 26, 2024
a2efba4
chore: convert between local and remote password
sweatybridge Nov 28, 2024
21a64ad
chore: refactor config fields
sweatybridge Nov 28, 2024
879808c
chore: add unit tests for password requirement
sweatybridge Nov 28, 2024
a7e74f8
chore: add missing testdata
sweatybridge Nov 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions internal/start/start.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -506,6 +506,8 @@ EOF
fmt.Sprintf("GOTRUE_SMS_TEMPLATE=%v", utils.Config.Auth.Sms.Template),
"GOTRUE_SMS_TEST_OTP=" + testOTP.String(),

fmt.Sprintf("GOTRUE_PASSWORD_MIN_LENGTH=%v", utils.Config.Auth.MinimumPasswordLength),
fmt.Sprintf("GOTRUE_PASSWORD_REQUIRED_CHARACTERS=%v", utils.Config.Auth.PasswordRequirements),
fmt.Sprintf("GOTRUE_SECURITY_REFRESH_TOKEN_ROTATION_ENABLED=%v", utils.Config.Auth.EnableRefreshTokenRotation),
fmt.Sprintf("GOTRUE_SECURITY_REFRESH_TOKEN_REUSE_INTERVAL=%v", utils.Config.Auth.RefreshTokenReuseInterval),
fmt.Sprintf("GOTRUE_SECURITY_MANUAL_LINKING_ENABLED=%v", utils.Config.Auth.EnableManualLinking),
Expand Down
2 changes: 2 additions & 0 deletions pkg/config/auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@ type (
SiteUrl string `toml:"site_url"`
AdditionalRedirectUrls []string `toml:"additional_redirect_urls"`
JwtExpiry uint `toml:"jwt_expiry"`
MinimumPasswordLength uint `toml:"minimum_password_length"`
PasswordRequirements string `toml:"password_requirements"`
silentworks marked this conversation as resolved.
Show resolved Hide resolved
EnableRefreshTokenRotation bool `toml:"enable_refresh_token_rotation"`
RefreshTokenReuseInterval uint `toml:"refresh_token_reuse_interval"`
EnableManualLinking bool `toml:"enable_manual_linking"`
Expand Down
7 changes: 7 additions & 0 deletions pkg/config/templates/config.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,13 @@ additional_redirect_urls = ["https://127.0.0.1:3000"]
# How long tokens are valid for, in seconds. Defaults to 3600 (1 hour), maximum 604,800 (1 week).
jwt_expiry = 3600
# If disabled, the refresh token will never expire.
minimum_password_length = 6
# Passwords shorter than this value will be rejected as weak. Minimum 6, recommended 8 or more.
password_requirements = ""
# Passwords that do not have at least one of each will be rejected as weak.
# Letters and digits: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ:0123456789
# Lowercase, uppercase letters and digits: abcdefghijklmnopqrstuvwxyz:ABCDEFGHIJKLMNOPQRSTUVWXYZ:0123456789
# Lowercase, uppercase letters, digits and symbols: abcdefghijklmnopqrstuvwxyz:ABCDEFGHIJKLMNOPQRSTUVWXYZ:0123456789:!@#$%^&*()_+-=[]{};'\\\\:\"|<>?,./`~
silentworks marked this conversation as resolved.
Show resolved Hide resolved
enable_refresh_token_rotation = true
# Allows refresh tokens to be reused after expiry, up to the specified interval in seconds.
# Requires enable_refresh_token_rotation = true.
Expand Down
Loading