From ba2b54f842f4cb7f0506a23a50b048f3aa2b0af7 Mon Sep 17 00:00:00 2001
From: Adria Navarro <adria@budibase.com>
Date: Wed, 3 Jan 2024 10:12:22 +0100
Subject: [PATCH] Use env variables instead of checking if isdev

---
 packages/backend-core/src/security/auth.ts        | 11 +++--------
 .../backend-core/src/security/tests/auth.spec.ts  | 15 ++++++---------
 packages/server/scripts/dev/manage.js             |  1 +
 packages/worker/scripts/dev/manage.js             |  1 +
 4 files changed, 11 insertions(+), 17 deletions(-)

diff --git a/packages/backend-core/src/security/auth.ts b/packages/backend-core/src/security/auth.ts
index a5d4138724..c90d9df09b 100644
--- a/packages/backend-core/src/security/auth.ts
+++ b/packages/backend-core/src/security/auth.ts
@@ -1,20 +1,15 @@
 import { env } from ".."
 
-export const PASSWORD_MIN_LENGTH = 8
-export const PASSWORD_MAX_LENGTH = 512
+export const PASSWORD_MIN_LENGTH = +(process.env.PASSWORD_MIN_LENGTH || 8)
+export const PASSWORD_MAX_LENGTH = +(process.env.PASSWORD_MAX_LENGTH || 512)
 
 export function validatePassword(
   password: string
 ): { valid: true } | { valid: false; error: string } {
-  if (env.isDev() && !env.isTest() && password) {
-    // We accept any password while on development
-    return { valid: true }
-  }
-
   if (!password || password.length < PASSWORD_MIN_LENGTH) {
     return {
       valid: false,
-      error: "Password invalid. Minimum eight characters.",
+      error: `Password invalid. Minimum ${PASSWORD_MIN_LENGTH} characters.`,
     }
   }
 
diff --git a/packages/backend-core/src/security/tests/auth.spec.ts b/packages/backend-core/src/security/tests/auth.spec.ts
index 8a77646885..795268bb66 100644
--- a/packages/backend-core/src/security/tests/auth.spec.ts
+++ b/packages/backend-core/src/security/tests/auth.spec.ts
@@ -14,21 +14,18 @@ describe("auth", () => {
     ])("%s returns unsuccessful", (_, password) => {
       expect(validatePassword(password as string)).toEqual({
         valid: false,
-        error: "Password invalid. Minimum eight characters.",
+        error: "Password invalid. Minimum 8 characters.",
       })
     })
 
     it.each([
       generator.word({ length: PASSWORD_MAX_LENGTH }),
       generator.paragraph().substring(0, PASSWORD_MAX_LENGTH),
-    ])(
-      `can use passwords up to ${PASSWORD_MAX_LENGTH} characters in length`,
-      password => {
-        expect(validatePassword(password)).toEqual({
-          valid: true,
-        })
-      }
-    )
+    ])(`can use passwords up to 512 characters in length`, password => {
+      expect(validatePassword(password)).toEqual({
+        valid: true,
+      })
+    })
 
     it.each([
       generator.word({ length: PASSWORD_MAX_LENGTH + 1 }),
diff --git a/packages/server/scripts/dev/manage.js b/packages/server/scripts/dev/manage.js
index 6dc0966f78..1c7a70931b 100644
--- a/packages/server/scripts/dev/manage.js
+++ b/packages/server/scripts/dev/manage.js
@@ -48,6 +48,7 @@ async function init() {
     HTTP_MIGRATIONS: "0",
     HTTP_LOGGING: "0",
     VERSION: "0.0.0+local",
+    PASSWORD_MIN_LENGTH: "1",
   }
 
   config = { ...config, ...existingConfig }
diff --git a/packages/worker/scripts/dev/manage.js b/packages/worker/scripts/dev/manage.js
index 1b7c6f0ddd..acab87eb5e 100644
--- a/packages/worker/scripts/dev/manage.js
+++ b/packages/worker/scripts/dev/manage.js
@@ -30,6 +30,7 @@ async function init() {
     ENABLE_EMAIL_TEST_MODE: "1",
     HTTP_LOGGING: "0",
     VERSION: "0.0.0+local",
+    PASSWORD_MIN_LENGTH: "1",
   }
 
   config = { ...config, ...existingConfig }