fix(security): unify password minimum length to 8 characters

Unify password complexity requirements across all endpoints:
- RegisterRequest: min=6 -> min=8
- ResetPasswordRequest: min=6 -> min=8
- ChangePasswordRequest: min=6 -> min=8
- CreateUserRequest: min=6 -> min=8
- UpdateUserRequest: min=6 -> min=8

This aligns with setup/handler.go validatePassword() which already
requires 8 characters minimum.
This commit is contained in:
User
2026-04-16 21:42:41 +08:00
parent ebe2d250f3
commit c0ed3b5544
3 changed files with 5 additions and 5 deletions

View File

@@ -41,7 +41,7 @@ func NewAuthHandler(cfg *config.Config, authService *service.AuthService, userSe
// RegisterRequest represents the registration request payload
type RegisterRequest struct {
Email string `json:"email" binding:"required,email"`
Password string `json:"password" binding:"required,min=6"`
Password string `json:"password" binding:"required,min=8"`
VerifyCode string `json:"verify_code"`
TurnstileToken string `json:"turnstile_token"`
PromoCode string `json:"promo_code"` // 注册优惠码
@@ -482,7 +482,7 @@ func (h *AuthHandler) ForgotPassword(c *gin.Context) {
type ResetPasswordRequest struct {
Email string `json:"email" binding:"required,email"`
Token string `json:"token" binding:"required"`
NewPassword string `json:"new_password" binding:"required,min=6"`
NewPassword string `json:"new_password" binding:"required,min=8"`
}
// ResetPasswordResponse 重置密码响应