From 006bcabcdb561dc71e2bee6c683a73d3cb01ea86 Mon Sep 17 00:00:00 2001
From: Aaron Liu
Date: Tue, 13 May 2025 15:05:01 +0800
Subject: [PATCH] fix(session): increase password length limit to 128
---
 service/admin/user.go | 4 ++++
 service/user/login.go | 4 ++--
 service/user/register.go | 2 +-
 service/user/setting.go | 4 ++--
 4 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/service/admin/user.go b/service/admin/user.go
index 5ddc067..8ae2aea 100644
--- a/service/admin/user.go
+++ b/service/admin/user.go
@@ -165,6 +165,10 @@ func (s *UpsertUserService) Update(c *gin.Context) (*GetUserResponse, error) {
 }
+ if s.Password != "" && len(s.Password) > 128 {
+ return nil, serializer.NewError(serializer.CodeParamErr, "Password too long", nil)
+ }
+
 newUser, err := userClient.Upsert(ctx, s.User, s.Password, s.TwoFA)
 if err != nil {
 return nil, serializer.NewError(serializer.CodeDBError, "Failed to update user", err)
diff --git a/service/user/login.go b/service/user/login.go
index 573563c..39d310b 100644
--- a/service/user/login.go
+++ b/service/user/login.go
@@ -25,13 +25,13 @@ type LoginParameterCtx struct{}
 // UserLoginService 管理用户登录的服务
 type UserLoginService struct {
 UserName string `form:"email" json:"email" binding:"required,email"`
- Password string `form:"password" json:"password" binding:"required,min=4,max=64"`
+ Password string `form:"password" json:"password" binding:"required,min=4,max=128"`
 }
 type (
 // UserResetService 密码重设服务
 UserResetService struct {
- Password string `form:"password" json:"password" binding:"required,min=6,max=64"`
+ Password string `form:"password" json:"password" binding:"required,min=6,max=128"`
 Secret string `json:"secret" binding:"required"`
 }
 UserResetParameterCtx struct{}
diff --git a/service/user/register.go b/service/user/register.go
index 9088c7d..0273549 100644
--- a/service/user/register.go
+++ b/service/user/register.go
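Review bot: The added admin-side check `len(s.Password) > 128` counts bytes, while the `max=128` binding tags changed in the other files are, with gin's default validator, measured in characters (runes) for string fields, so a password containing multi-byte characters can pass registration or a settings change and still be rejected by the admin update. Counting runes here keeps the two paths consistent: `if utf8.RuneCountInString(s.Password) > 128 {` (needs `unicode/utf8` in the import block, which is outside this hunk). The `s.Password != ""` operand is redundant, since an empty string never exceeds the limit. The literal 128 now appears in this check and in five struct tags; a named constant here with a comment pointing at those tags would help keep them aligned. The body of `Update` starts and continues outside the hunk.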
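Review bot: Raising `max` to 128 on `UserLoginService.Password` and `UserResetService.Password` (and likewise in the register.go and setting.go hunks) means the password hasher can now receive up to 128 characters, which may be as much as 512 bytes of UTF-8. The hashing code is not part of this patch, so it should be confirmed that it has no shorter input limit; bcrypt-style schemes, for instance, stop at 72 bytes, in which case the extra length would add no strength or would fail at hash time. A comment on the fields would record the dependency, e.g. `// max=128 must not exceed what the password hasher accepts; keep in sync with service/admin/user.go`. A test that sets and then verifies a 128-character password would pin the intended behaviour.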
@@ -25,7 +25,7 @@ type RegisterParameterCtx struct{}
 // UserRegisterService 管理用户注册的服务
 type UserRegisterService struct {
 UserName string `form:"email" json:"email" binding:"required,email"`
- Password string `form:"password" json:"password" binding:"required,min=6,max=64"`
+ Password string `form:"password" json:"password" binding:"required,min=6,max=128"`
 Language string `form:"language" json:"language"`
 }
diff --git a/service/user/setting.go b/service/user/setting.go
index a6dd7b6..07cbcf0 100644
--- a/service/user/setting.go
+++ b/service/user/setting.go
@@ -215,8 +215,8 @@ type (
 VersionRetentionEnabled *bool `json:"version_retention_enabled" binding:"omitempty"`
 VersionRetentionExt *[]string `json:"version_retention_ext" binding:"omitempty"`
 VersionRetentionMax *int `json:"version_retention_max" binding:"omitempty,min=0"`
- CurrentPassword *string `json:"current_password" binding:"omitempty,min=4,max=64"`
- NewPassword *string `json:"new_password" binding:"omitempty,min=6,max=64"`
+ CurrentPassword *string `json:"current_password" binding:"omitempty,min=4,max=128"`
+ NewPassword *string `json:"new_password" binding:"omitempty,min=6,max=128"`
 TwoFAEnabled *bool `json:"two_fa_enabled" binding:"omitempty"`
 TwoFACode *string `json:"two_fa_code" binding:"omitempty"`
 }