From 7e512b9bc2cd5052f338830c8219afe1966d4291 Mon Sep 17 00:00:00 2001
From: steunix <stefano.rivoir@tesisquare.com>
Date: Tue, 5 Aug 2025 22:38:46 +0200
Subject: [PATCH] Add configuration for generated password length Fixes #323

---
 api/v1/controllers/util.mjs    | 2 +-
 config-skel.json               | 3 ++-
 docs/index.md                  | 1 +
 lib/schemas/system_config.json | 3 ++-
 4 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/api/v1/controllers/util.mjs b/api/v1/controllers/util.mjs
index ec1b8db..5a016ae 100644
--- a/api/v1/controllers/util.mjs
+++ b/api/v1/controllers/util.mjs
@@ -25,7 +25,7 @@ import DB from '../../../lib/db.mjs'
  */
 export async function generatePassword (req, res, next) {
   const pwd = generator.generate({
-    length: 15,
+    length: Config.get().generated_password_length || 20,
     numbers: true,
     symbols: req?.query?.symbols !== 'false',
     lowercase: true,
diff --git a/config-skel.json b/config-skel.json
index 5cfb9d4..b6e0c26 100644
--- a/config-skel.json
+++ b/config-skel.json
@@ -35,5 +35,6 @@
     "max_hours": 168
   },
   "readonly": false,
-  "enable_metrics": true
+  "enable_metrics": true,
+  "generated_password_length": 20
 }
diff --git a/docs/index.md b/docs/index.md
index 14f4ee3..74e06f4 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -409,6 +409,7 @@ Copy `config-skel.json` to `config.json` and adjust the options:
   - `max_hours`: Max one-time secrets duration
 - `readonly`: true or false; if true, no write operation is allowed both for admins and regolar users
 - `enable_metrics`: true or false, enables Prometheus formatted metrics
+- `generated_password_length`: length of random generated password, default is 20
 
 ## Environment variables
 
diff --git a/lib/schemas/system_config.json b/lib/schemas/system_config.json
index b5e842d..48f3b4e 100644
--- a/lib/schemas/system_config.json
+++ b/lib/schemas/system_config.json
@@ -68,7 +68,8 @@
       "required": [ "max_hours" ]
     },
     "readonly": { "type": "boolean" },
-    "enable_metrics": { "type": "boolean" }
+    "enable_metrics": { "type": "boolean" },
+    "generated_password_length": { "type": "integer", "minimum": 10, "maximum": 50 }
   },
   "required": ["jwt_duration", "listen", "log", "https", "redis", "onetimetokens", "readonly"]
 }
\ No newline at end of file