Ensure complexity, minlength and ispwned are checked on password setting (#18005) (#18015)

Backport #18005 It appears that there are several places that password length, complexity and ispwned are not currently been checked when changing passwords. This PR adds these. Fix #17977 Signed-off-by: Andrew Thornton <art27@cantab.net>
2025-08-05 09:08:22 +00:00 · 2021-12-17 21:24:59 +00:00
parent 3ae4c4898b
commit 2051f850ef
3 changed files with 25 additions and 1 deletions
--- a/cmd/admin.go
+++ b/cmd/admin.go
@@ -335,6 +335,10 @@ func runChangePassword(c *cli.Context) error {
 	if err := initDB(); err != nil {
 		return err
 	}
+	if len(c.String("password")) < setting.MinPasswordLength {
+		return fmt.Errorf("Password is not long enough. Needs to be at least %d", setting.MinPasswordLength)
+	}
+
 	if !pwd.IsComplexEnough(c.String("password")) {
 		return errors.New("Password does not meet complexity requirements")
 	}