Mirrors/filebrowser
1
0
Fork 0
mirror of https://github.com/filebrowser/filebrowser.git synced 2026-01-23 02:35:10 +00:00
Code Issues Projects Releases Wiki Activity

fix: add configurable minimum password length (#5225)

Browse source
This commit is contained in:
Henrique Dias 2025-06-28 10:07:34 +02:00 committed by GitHub
parent 089255997a
commit 464b644adf
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
21 changed files with 122 additions and 77 deletions
Download patch file Download diff file Expand all files Collapse all files

16
users/password.go
View file

@ -5,10 +5,18 @@ import (
"encoding/base64"
"golang.org/x/crypto/bcrypt"
fbErrors "github.com/filebrowser/filebrowser/v2/errors"
)
// randomPasswordBytesCount is chosen to fit in a base64 string without padding
const randomPasswordBytesCount = 9
// HashPwd hashes a password.
func HashAndValidatePwd(password string, minimumLength uint) (string, error) {
if uint(len(password)) < minimumLength {
return "", fbErrors.ErrShortPassword
}
return HashPwd(password)
}
// HashPwd hashes a password.
func HashPwd(password string) (string, error) {
@ -22,8 +30,8 @@ func CheckPwd(password, hash string) bool {
return err == nil
}
func RandomPwd() (string, error) {
randomPasswordBytes := make([]byte, randomPasswordBytesCount)
func RandomPwd(passwordLength uint) (string, error) {
randomPasswordBytes := make([]byte, passwordLength)
var _, err = rand.Read(randomPasswordBytes)
if err != nil {
return "", err