fix(security): unify password minimum length to 8 characters
Unify password complexity requirements across all endpoints: - RegisterRequest: min=6 -> min=8 - ResetPasswordRequest: min=6 -> min=8 - ChangePasswordRequest: min=6 -> min=8 - CreateUserRequest: min=6 -> min=8 - UpdateUserRequest: min=6 -> min=8 This aligns with setup/handler.go validatePassword() which already requires 8 characters minimum.
This commit is contained in:
@@ -41,7 +41,7 @@ func NewAuthHandler(cfg *config.Config, authService *service.AuthService, userSe
|
||||
// RegisterRequest represents the registration request payload
|
||||
type RegisterRequest struct {
|
||||
Email string `json:"email" binding:"required,email"`
|
||||
Password string `json:"password" binding:"required,min=6"`
|
||||
Password string `json:"password" binding:"required,min=8"`
|
||||
VerifyCode string `json:"verify_code"`
|
||||
TurnstileToken string `json:"turnstile_token"`
|
||||
PromoCode string `json:"promo_code"` // 注册优惠码
|
||||
@@ -482,7 +482,7 @@ func (h *AuthHandler) ForgotPassword(c *gin.Context) {
|
||||
type ResetPasswordRequest struct {
|
||||
Email string `json:"email" binding:"required,email"`
|
||||
Token string `json:"token" binding:"required"`
|
||||
NewPassword string `json:"new_password" binding:"required,min=6"`
|
||||
NewPassword string `json:"new_password" binding:"required,min=8"`
|
||||
}
|
||||
|
||||
// ResetPasswordResponse 重置密码响应
|
||||
|
||||
Reference in New Issue
Block a user