Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(auth): option to disable strong password validation #1785

Merged
merged 3 commits into from
Feb 27, 2024
Merged

feat(auth): option to disable strong password validation #1785

merged 3 commits into from
Feb 27, 2024

Conversation

siddhantk232
Copy link
Contributor

Add option to disable strong password validation in /-/auth/create-account/.
This can be disabled using the FASTN_DISABLE_STRONG_PASSWORD_CHECK env var:

  • true: disable validation
  • false (or unset): use zxcvbn to check for weak passwords

Also removes some dbg! calls in set_password.rs.

@amitu
Copy link
Contributor

amitu commented Feb 27, 2024

This is because of Nandhini's comments? I am not yet sure if FifthTry should use this feature. I am okay with this being merged in general.

@siddhantk232
Copy link
Contributor Author

This is because of Nandhini's comments? I am not yet sure if FifthTry should use this feature. I am okay with this being merged in general.

Nope. I added this as a nice option to not have to come up with strong creative passwords when you're in a development environment. I remember you requesting this feature too

@amitu
Copy link
Contributor

amitu commented Feb 27, 2024
edited

to not have to come up with strong creative passwords when you're in a development environment

Got it. So this is a development feature. We as a convention add either DANGER_ (if it is a prod variable that you should not set normally) or DEBUG_ (for development/debug variables) as prefix. FASTN_DISABLE_STRONG_PASSWORD_CHECK should be renamed to DEBUG_FASTN_DISABLE_STRONG_PASSWORD_CHECK or something.

@siddhantk232 siddhantk232 mentioned this pull request Feb 27, 2024
Merged
@amitu amitu merged commit da77f31 into main Feb 27, 2024
1 check passed
@amitu amitu deleted the auth/disable-passwd-on-dev branch February 27, 2024 12:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@amitu amitu Awaiting requested review from amitu

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@siddhantk232 @amitu