fix(security): strengthen password policy
Increase minimum password length from 8 to 12 characters and require at least one uppercase letter, one lowercase letter, and one digit. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
9870fa7831
commit
7b0f3bc61d
1 changed files with 18 additions and 2 deletions
20
change.go
20
change.go
|
|
@ -4,11 +4,27 @@ import (
|
|||
"errors"
|
||||
"log"
|
||||
"net/http"
|
||||
"unicode"
|
||||
)
|
||||
|
||||
func checkPasswdConstraint(password string) error {
|
||||
if len(password) < 8 {
|
||||
return errors.New("too short, please choose a password at least 8 characters long.")
|
||||
if len(password) < 12 {
|
||||
return errors.New("too short, please choose a password at least 12 characters long")
|
||||
}
|
||||
|
||||
var hasUpper, hasLower, hasDigit bool
|
||||
for _, r := range password {
|
||||
switch {
|
||||
case unicode.IsUpper(r):
|
||||
hasUpper = true
|
||||
case unicode.IsLower(r):
|
||||
hasLower = true
|
||||
case unicode.IsDigit(r):
|
||||
hasDigit = true
|
||||
}
|
||||
}
|
||||
if !hasUpper || !hasLower || !hasDigit {
|
||||
return errors.New("password must contain at least one uppercase letter, one lowercase letter, and one digit")
|
||||
}
|
||||
|
||||
return nil
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue