security: enforce min length for user password (#1555)

* fix typing on auth context * extract user password strength meter * fix broken useToggle method * extend form to accept arguments for validators * enforce password length on update * fix user password change form
2025-11-29 15:14:06 -05:00 · 2022-08-13 21:38:26 -08:00
parent b3c41a4bd0
commit 54c4f19a5c
9 changed files with 105 additions and 95 deletions
--- a/mealie/schema/user/user.py
+++ b/mealie/schema/user/user.py
@@ -3,7 +3,7 @@ from pathlib import Path
 from typing import Any, Optional
 from uuid import UUID

-from pydantic import UUID4, validator
+from pydantic import UUID4, Field, validator
 from pydantic.types import constr
 from pydantic.utils import GetterDict

@@ -49,7 +49,7 @@ class DeleteTokenResponse(MealieModel):

 class ChangePassword(MealieModel):
    current_password: str
-    new_password: str
+    new_password: str = Field(..., min_length=8)


 class GroupBase(MealieModel):