Merge pull request #12713 from Budibase/fix/password-length-admin-user-startup
Remove password validation for admin user environment variables
commit
960cd4a857
|
@ -166,6 +166,8 @@ const environment = {
|
|||
DISABLE_JWT_WARNING: process.env.DISABLE_JWT_WARNING,
|
||||
BLACKLIST_IPS: process.env.BLACKLIST_IPS,
|
||||
SERVICE_TYPE: "unknown",
|
||||
PASSWORD_MIN_LENGTH: process.env.PASSWORD_MIN_LENGTH,
|
||||
PASSWORD_MAX_LENGTH: process.env.PASSWORD_MAX_LENGTH,
|
||||
/**
|
||||
* Enable to allow an admin user to login using a password.
|
||||
* This can be useful to prevent lockout when configuring SSO.
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
import { env } from ".."
|
||||
import env from "../environment"
|
||||
|
||||
export const PASSWORD_MIN_LENGTH = +(process.env.PASSWORD_MIN_LENGTH || 8)
|
||||
export const PASSWORD_MAX_LENGTH = +(process.env.PASSWORD_MAX_LENGTH || 512)
|
||||
export const PASSWORD_MIN_LENGTH = +(env.PASSWORD_MIN_LENGTH || 8)
|
||||
export const PASSWORD_MAX_LENGTH = +(env.PASSWORD_MAX_LENGTH || 512)
|
||||
|
||||
export function validatePassword(
|
||||
password: string
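Review bot: A non-numeric `PASSWORD_MIN_LENGTH` or `PASSWORD_MAX_LENGTH` turns these constants into `NaN`, because `+(env.PASSWORD_MIN_LENGTH || 8)` falls back to the default only when the variable is unset or empty. The body of `validatePassword` lies outside this section, but if it compares `password.length` against the constants, every comparison with `NaN` is false and both bounds would be silently switched off; `0` and negative values are accepted too. A small parsing helper keeps the defaults on bad input: `const toLen = (v: string | undefined, d: number) => { const n = Number(v); return Number.isInteger(n) && n > 0 ? n : d }`, then `export const PASSWORD_MIN_LENGTH = toLen(env.PASSWORD_MIN_LENGTH, 8)` and the same for the maximum with `512`.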
|
||||
|
|
|
@ -44,6 +44,12 @@ type GroupFns = {
|
|||
getBulk: GroupGetFn
|
||||
getGroupBuilderAppIds: GroupBuildersFn
|
||||
}
|
||||
type CreateAdminUserOpts = {
|
||||
ssoId?: string
|
||||
hashPassword?: boolean
|
||||
requirePassword?: boolean
|
||||
skipPasswordValidation?: boolean
|
||||
}
|
||||
type FeatureFns = { isSSOEnforced: FeatureFn; isAppBuildersEnabled: FeatureFn }
|
||||
|
||||
const bulkDeleteProcessing = async (dbUser: User) => {
|
||||
|
@ -112,10 +118,12 @@ export class UserDB {
|
|||
throw new HTTPError("Password change is disabled for this user", 400)
|
||||
}
|
||||
|
||||
if (!opts.skipPasswordValidation) {
|
||||
const passwordValidation = validatePassword(password)
|
||||
if (!passwordValidation.valid) {
|
||||
throw new HTTPError(passwordValidation.error, 400)
|
||||
}
|
||||
}
|
||||
|
||||
hashedPassword = opts.hashPassword ? await hash(password) : password
|
||||
} else if (dbUser) {
|
||||
|
@ -489,7 +497,7 @@ export class UserDB {
|
|||
email: string,
|
||||
password: string,
|
||||
tenantId: string,
|
||||
opts?: { ssoId?: string; hashPassword?: boolean; requirePassword?: boolean }
|
||||
opts?: CreateAdminUserOpts
|
||||
) {
|
||||
const user: User = {
|
||||
email: email,
|
||||
|
@ -513,6 +521,7 @@ export class UserDB {
|
|||
return await UserDB.save(user, {
|
||||
hashPassword: opts?.hashPassword,
|
||||
requirePassword: opts?.requirePassword,
|
||||
skipPasswordValidation: opts?.skipPasswordValidation,
|
||||
})
|
||||
}
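Review bot: The `if (!opts.skipPasswordValidation)` guard in `UserDB.save` makes the length policy optional for every caller of `save`, not only for the startup admin, because the flag is declared on the shared `SaveUserOpts` (last section of this commit) and forwarded by `createAdminUser`. The callers of `save` are not visible here, so it is worth confirming that none of them build `opts` from request data; spreading a request body into `opts` would let a client switch validation off. A comment above the guard would record the intent, e.g. `// Only the env-provisioned admin created at startup may skip this; never set from request input.`, and the same sentence fits as a TSDoc line on `skipPasswordValidation` in `CreateAdminUserOpts` and `SaveUserOpts`. The bodies of `save` and `createAdminUser` start and end outside these hunks.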
|
||||
|
||||
|
|
|
@ -138,7 +138,11 @@ export async function startup(app?: Koa, server?: Server) {
|
|||
bbAdminEmail,
|
||||
bbAdminPassword,
|
||||
tenantId,
|
||||
{ hashPassword: true, requirePassword: true }
|
||||
{
|
||||
hashPassword: true,
|
||||
requirePassword: true,
|
||||
skipPasswordValidation: true,
|
||||
}
|
||||
)
|
||||
// Need to set up an API key for automated integration tests
|
||||
if (env.isTest()) {
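Review bot: With `skipPasswordValidation: true` in this `createAdminUser` call, a one-character or otherwise out-of-policy admin password taken from the environment is accepted without any trace, and the upper length bound is dropped before the value is hashed. Startup can stay non-fatal without losing that signal: run the check and log the result, e.g. `const check = validatePassword(bbAdminPassword)` followed by `if (!check.valid) console.warn("Admin password from environment is outside the password policy: " + check.error)`. Whether `validatePassword` is importable in this module and which logger the service uses are not visible in this hunk, so adapt both to local conventions, and keep the password itself out of the message. `startup` continues outside the hunk.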
|
||||
|
|
|
@ -2,4 +2,5 @@ export interface SaveUserOpts {
|
|||
hashPassword?: boolean
|
||||
requirePassword?: boolean
|
||||
currentUserId?: string
|
||||
skipPasswordValidation?: boolean
|
||||
}
|
||||
|
|