fix(security): unify password minimum length to 8 characters

Unify password complexity requirements across all endpoints:
- RegisterRequest: min=6 -> min=8
- ResetPasswordRequest: min=6 -> min=8
- ChangePasswordRequest: min=6 -> min=8
- CreateUserRequest: min=6 -> min=8
- UpdateUserRequest: min=6 -> min=8

This aligns with setup/handler.go validatePassword() which already
requires 8 characters minimum.
This commit is contained in:
User
2026-04-16 21:42:41 +08:00
parent ebe2d250f3
commit c0ed3b5544
3 changed files with 5 additions and 5 deletions

View File

@@ -24,7 +24,7 @@ func NewUserHandler(userService *service.UserService) *UserHandler {
// ChangePasswordRequest represents the change password request payload
type ChangePasswordRequest struct {
OldPassword string `json:"old_password" binding:"required"`
NewPassword string `json:"new_password" binding:"required,min=6"`
NewPassword string `json:"new_password" binding:"required,min=8"`
}
// UpdateProfileRequest represents the update profile request payload