Merge pull request #1069 from ngn13/pass_length_check

Implemented password length check
2024-11-10 04:32:35 +01:00 · 2023-06-11 22:27:33 +10:00 · 2023-06-11 22:27:33 +10:00 · eb8a2513cf
commit eb8a2513cf
parent 9a227e35fa e774a9256b
2 changed files with 16 additions and 1 deletions
--- a/assets/locales/ur/auth.json
+++ b/assets/locales/ur/auth.json
@ -10,7 +10,8 @@
 		"EMAIL_INVALID": "Invalid Email",
 		"EMAIL_ALREADY_REGISTERED": "Email is already registered",
 		"DATE_OF_BIRTH_UNDERAGE": "You need to be {{years}} years or older",
-		"CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.",
+                "PASSWORD_REQUIREMENTS_MIN_LENGTH": "Must be at least {{min}} characters long.",
+                "CONSENT_REQUIRED": "You must agree to the Terms of Service and Privacy Policy.",
 		"USERNAME_TOO_MANY_USERS": "Too many users have this username, please try another"
 	}
 }
--- a/src/api/routes/auth/register.ts
+++ b/src/api/routes/auth/register.ts
@ -225,6 +225,20 @@ router.post(
 		}

 		if (body.password) {
+			const min = register.password.minLength
+				? register.password.minLength
+				: 8;
+			if (body.password.length < min) {
+				throw FieldErrors({
+					password: {
+						code: "PASSWORD_REQUIREMENTS_MIN_LENGTH",
+						message: req.t(
+							"auth:register.PASSWORD_REQUIREMENTS_MIN_LENGTH",
+							{ min: min },
+						),
+					},
+				});
+			}
 			// the salt is saved in the password refer to bcrypt docs
 			body.password = await bcrypt.hash(body.password, 12);
 		} else if (register.password.required) {