mirrors/filebrowser
1
0
Fork 0
mirror of https://github.com/filebrowser/filebrowser.git synced 2025-11-26 14:25:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: add configurable minimum password length (#5225)

Browse Source
This commit is contained in:
Henrique Dias
2025-06-28 10:07:34 +02:00
committed by GitHub
parent 089255997a
commit 464b644adf
21 changed files with 122 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
users/password.go
View File

@@ -5,10 +5,18 @@ import (
"encoding/base64"
"golang.org/x/crypto/bcrypt"
fbErrors "github.com/filebrowser/filebrowser/v2/errors"
)
// randomPasswordBytesCount is chosen to fit in a base64 string without padding
const randomPasswordBytesCount = 9
// HashPwd hashes a password.
func HashAndValidatePwd(password string, minimumLength uint) (string, error) {
if uint(len(password)) < minimumLength {
return "", fbErrors.ErrShortPassword
}
return HashPwd(password)
}
// HashPwd hashes a password.
func HashPwd(password string) (string, error) {
@@ -22,8 +30,8 @@ func CheckPwd(password, hash string) bool {
return err == nil
}
func RandomPwd() (string, error) {
randomPasswordBytes := make([]byte, randomPasswordBytesCount)
func RandomPwd(passwordLength uint) (string, error) {
randomPasswordBytes := make([]byte, passwordLength)
var _, err = rand.Read(randomPasswordBytes)
if err != nil {
return "", err