Address password policy review

Torsten Dittmann
2026-05-21 20:10:13 +04:00
parent 77456155a2
commit daaed8ff50
5 changed files with 4 additions and 4 deletions
-1
@@ -37,7 +37,6 @@ const APP_LIMIT_COMPRESSION = 20_000_000; //20MB
const APP_LIMIT_ARRAY_PARAMS_SIZE = 100; // Default maximum of how many elements can there be in API parameter that expects array value
const APP_LIMIT_ARRAY_LABELS_SIZE = 1000; // Default maximum of how many labels elements can there be in API parameter that expects array value
const APP_LIMIT_ARRAY_ELEMENT_SIZE = 4096; // Default maximum length of element in array parameter represented by maximum URL length.
const APP_LIMIT_USER_SESSIONS_DEFAULT = 10; // Default maximum sessions allowed per user
const APP_LIMIT_SUBQUERY = 1000;
const APP_LIMIT_SUBSCRIBERS_SUBQUERY = 1_000_000;
const APP_LIMIT_WRITE_RATE_DEFAULT = 60; // Default maximum write rate per rate period
@@ -80,7 +80,7 @@ class PasswordPolicy extends Password
return false;
}
if ($this->requireSpecialChar && !\preg_match("/[!\"#$%&'()*+,\-.\/:;<=>?@[\\\\\]^_`{|}~]/", $value)) {
if ($this->requireSpecialChar && !\preg_match('/[^\p{L}\p{N}\s]/u', $value)) {
return false;
}
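Review bot: The replacement character class in the `requireSpecialChar` check (the second of the two `preg_match` lines, which appears to be the new side) accepts anything that is not a letter, digit or whitespace, so combining marks and control or invisible format characters also satisfy the requirement. A password whose only "special" character is a decomposed accent or a zero-width character would then pass, and the outcome can depend on the Unicode normalization form the client sends. Limiting the class to punctuation and symbols still covers the old ASCII set and accepts `€`: `!\preg_match('/[\p{P}\p{S}]/u', $value)`. With the `u` modifier `preg_match` returns `false` on invalid UTF-8, which this condition treats as a rejection; a one-line comment saying that is intended would help. The enclosing method starts and ends outside the hunk.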
@@ -81,7 +81,7 @@ class Create extends Action
$auth = Config::getParam('auth', []);
$auths = [
'limit' => 0,
'maxSessions' => \APP_LIMIT_USER_SESSIONS_DEFAULT,
'maxSessions' => 0,
'passwordPolicy' => [
'minLength' => 8,
'requireUppercase' => false,
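Review bot: The default for `'maxSessions'` drops from the removed `APP_LIMIT_USER_SESSIONS_DEFAULT` (10, per the constant's comment in the first section) to `0`, and nothing visible here says how `0` is interpreted. If the enforcement code reads it as "no limit", new projects lose the per-user session cap by default; if it reads it literally, it needs a guard. The same fallback changes in the `Project` model (`$authValues['maxSessions'] ?? 0`), which also affects stored projects that carry no `maxSessions` value. I would state the meaning next to the value once it is confirmed against the enforcing code, e.g. `'maxSessions' => 0, // 0 disables the per-user session limit`. The array literal continues outside the hunk.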
@@ -523,7 +523,7 @@ class Project extends Model
$document->setAttribute('authLimit', $authValues['limit'] ?? 0);
$document->setAttribute('authDuration', $authValues['duration'] ?? TOKEN_EXPIRATION_LOGIN_LONG);
$document->setAttribute('authSessionsLimit', $authValues['maxSessions'] ?? \APP_LIMIT_USER_SESSIONS_DEFAULT);
$document->setAttribute('authSessionsLimit', $authValues['maxSessions'] ?? 0);
$document->setAttribute('authPasswordHistory', $authValues['passwordHistory'] ?? 0);
$document->setAttribute('authPasswordPolicyMinLength', $passwordPolicy['minLength'] ?? 8);
$document->setAttribute('authPasswordPolicyRequireUppercase', $passwordPolicy['requireUppercase'] ?? false);
@@ -31,6 +31,7 @@ class PasswordPolicyTest extends TestCase
$this->assertFalse($validator->isValid('PasswordOnly!'));
$this->assertFalse($validator->isValid('Password1234'));
$this->assertTrue($validator->isValid('Password123!'));
$this->assertTrue($validator->isValid('Password123€'));
}
public function testAllowEmpty(): void
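Review bot: The added assertion pins only the accepting side of the broadened special-character rule; nothing in this test fixes what must still be rejected. Going by the new pattern in `PasswordPolicy`, a non-ASCII letter and a trailing space should not count as special characters, so I would add `$this->assertFalse($validator->isValid('Password123é'));` and `$this->assertFalse($validator->isValid('Password123 '));`. The validator's configuration is set up outside the hunk, so confirm that the special-character requirement is the only rule these inputs fail.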