[STORY-648] feat: raise DB user passwords minimum length to 24

Scalingo · Sep 16, 2024 · b5375cd · b5375cd
1 parent ddc1542
commit b5375cd
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/db/users/create.go b/db/users/create.go
@@ -57,7 +57,7 @@ func CreateUser(ctx context.Context, app, addonUUID, username string, readonly b
 	isPasswordGenerated := false
 	if password == "" {
 		isPasswordGenerated = true
-		password = gopassword.Generate(64)
+		password = gopassword.Generate()
 		confirmedPassword = password
 	}
 

diff --git a/db/users/utils.go b/db/users/utils.go
@@ -87,8 +87,8 @@ func isPasswordValid(password, confirmedPassword string) (string, bool) {
 	if password != confirmedPassword {
 		return "Password confirmation doesn't match", false
 	}
-	if len(password) < 8 || len(password) > 64 {
-		return "Password must contain between 8 and 64 characters", false
+	if len(password) < 24 || len(password) > 64 {
+		return "Password must contain between 24 and 64 characters", false
 	}
 	return "", true
 }