fix(security): unify password minimum length to 8 characters

Unify password complexity requirements across all endpoints:
- RegisterRequest: min=6 -> min=8
- ResetPasswordRequest: min=6 -> min=8
- ChangePasswordRequest: min=6 -> min=8
- CreateUserRequest: min=6 -> min=8
- UpdateUserRequest: min=6 -> min=8

This aligns with setup/handler.go validatePassword() which already
requires 8 characters minimum.
This commit is contained in:
User
2026-04-16 21:42:41 +08:00
parent ebe2d250f3
commit c0ed3b5544
3 changed files with 5 additions and 5 deletions

View File

@@ -35,7 +35,7 @@ func NewUserHandler(adminService service.AdminService, concurrencyService *servi
// CreateUserRequest represents admin create user request
type CreateUserRequest struct {
Email string `json:"email" binding:"required,email"`
Password string `json:"password" binding:"required,min=6"`
Password string `json:"password" binding:"required,min=8"`
Username string `json:"username"`
Notes string `json:"notes"`
Balance float64 `json:"balance"`
@@ -47,7 +47,7 @@ type CreateUserRequest struct {
// 使用指针类型来区分"未提供"和"设置为0"
type UpdateUserRequest struct {
Email string `json:"email" binding:"omitempty,email"`
Password string `json:"password" binding:"omitempty,min=6"`
Password string `json:"password" binding:"omitempty,min=8"`
Username *string `json:"username"`
Notes *string `json:"notes"`
Balance *float64 `json:"balance"`