mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
Browse Source

Update minimum password length requirements (#25946)

tags/v1.21.0-rc0
techknowlogick 9 months ago
parent
02a45e8d58
commit
b3f7137174
No account linked to committer's email address
4 changed files with 5 additions and 5 deletions
Split View Show Diff Stats
  1. 1
    1
      custom/conf/app.example.ini
  2. 1
    1
      docs/content/administration/config-cheat-sheet.en-us.md
  3. 1
    1
      modules/setting/security.go
  4. 2
    2
      tests/e2e/example.test.e2e.js

+ 1
- 1
custom/conf/app.example.ini View File

@@ -454,7 +454,7 @@ INTERNAL_TOKEN=
;REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.0/8,::1/128
;;
;; The minimum password length for new Users
;MIN_PASSWORD_LENGTH = 6
;MIN_PASSWORD_LENGTH = 8
;;
;; Set to true to allow users to import local server paths
;IMPORT_LOCAL_PATHS = false

+ 1
- 1
docs/content/administration/config-cheat-sheet.en-us.md View File

@@ -559,7 +559,7 @@ And the following unique queues:
- `scrypt`: `scrypt$65536$16$2$50`
- Adjusting the algorithm parameters using this functionality is done at your own risk.
- `CSRF_COOKIE_HTTP_ONLY`: **true**: Set false to allow JavaScript to read CSRF cookie.
- `MIN_PASSWORD_LENGTH`: **6**: Minimum password length for new users.
- `MIN_PASSWORD_LENGTH`: **8**: Minimum password length for new users.
- `PASSWORD_COMPLEXITY`: **off**: Comma separated list of character classes required to pass minimum complexity. If left empty or no valid values are specified, checking is disabled (off):
- lower - use one or more lower latin characters
- upper - use one or more upper latin characters

+ 1
- 1
modules/setting/security.go View File

@@ -124,7 +124,7 @@ func loadSecurityFrom(rootCfg ConfigProvider) {
ReverseProxyTrustedProxies = []string{"127.0.0.0/8", "::1/128"}
}

MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(8)
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(true)
DisableWebhooks = sec.Key("DISABLE_WEBHOOKS").MustBool(false)

+ 2
- 2
tests/e2e/example.test.e2e.js View File

@@ -18,8 +18,8 @@ test('Test Register Form', async ({page}, workerInfo) => {
await expect(response?.status()).toBe(200); // Status OK
await page.type('input[name=user_name]', `e2e-test-${workerInfo.workerIndex}`);
await page.type('input[name=email]', `e2e-test-${workerInfo.workerIndex}@test.com`);
await page.type('input[name=password]', 'test123');
await page.type('input[name=retype]', 'test123');
await page.type('input[name=password]', 'test123test123');
await page.type('input[name=retype]', 'test123test123');
await page.click('form button.ui.green.button:visible');
// Make sure we routed to the home page. Else login failed.
await expect(page.url()).toBe(`${workerInfo.project.use.baseURL}/`);

Write Preview
Loading…
Cancel
Save