fix: respect isStrongPasswordDisabled in password validator by lakhansamani · Pull Request #488 · authorizerdev/authorizer
Navigation Menu
{{ message }}
authorizerdev / authorizer Public
- Notifications You must be signed in to change notification settings
- Fork 204
Merged
fix: respect isStrongPasswordDisabled in password validator#488
lakhansamani merged 3 commits intomainfrom
fix: respect isStrongPasswordDisabled in password validator#488
lakhansamani merged 3 commits intomainfrom
Conversation
Copy link Copy Markdown
Contributor
lakhansamani
commented
Mar 1, 2026
lakhansamani
commented
Summary
- Added early return in
IsValidPasswordwhenisStrongPasswordDisabledis true - When disabled, only min/max length (6-36 chars) is enforced, skipping character class checks
Test plan
- Verify passwords without special chars are accepted when strong password is disabled
- Verify strong password rules still apply when enabled
Fixes #477
lakhansamani added 3 commits
March 1, 2026 11:45The IsValidPassword function ignored the isStrongPasswordDisabled parameter and always enforced strong password rules. Now when strong password is disabled, only min/max length is checked. Fixes #477
lakhansamani
merged commit
8750af8
into
main
lakhansamani
deleted the
fix/password-validator-strong-password
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
1 participant