fix: passthrough the minimum password length (#5236)

2025-06-29 11:28:32 +02:00
parent 7354eb6cf9
commit bf37f88c32
11 changed files with 100065 additions and 30 deletions
--- a/http/auth.go
+++ b/http/auth.go
@@ -151,9 +151,9 @@ var signupHandler = func(_ http.ResponseWriter, r *http.Request, d *data) (int,

 	d.settings.Defaults.Apply(user)

-	pwd, err := users.HashAndValidatePwd(info.Password, d.settings.MinimumPasswordLength)
+	pwd, err := users.ValidateAndHashPwd(info.Password, d.settings.MinimumPasswordLength)
 	if err != nil {
-		return http.StatusInternalServerError, err
+		return http.StatusBadRequest, err
 	}

 	user.Password = pwd