diff --git a/chaoscenter/authentication/api/docs/docs.go b/chaoscenter/authentication/api/docs/docs.go
index 66613113ff5..8a09963c984 100644
--- a/chaoscenter/authentication/api/docs/docs.go
+++ b/chaoscenter/authentication/api/docs/docs.go
@@ -1220,7 +1220,7 @@ const docTemplate = `{
 },
 "message": {
 "type": "string",
- "example": "Please ensure the password is 8 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet and 1 special character"
+ "example": "Please ensure the password is atleast 8 characters long and atmost 16 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet and 1 special character"
 }
 }
 },
@@ -1233,7 +1233,7 @@ const docTemplate = `{
 },
 "message": {
 "type": "string",
- "example": "The username be atleast 3 characters long and atmost 12 characters long."
+ "example": "The username be atleast 3 characters long and atmost 16 characters long."
 }
 }
 },
diff --git a/chaoscenter/authentication/api/docs/swagger.json b/chaoscenter/authentication/api/docs/swagger.json
index fb699ae220e..21348f9e750 100644
--- a/chaoscenter/authentication/api/docs/swagger.json
+++ b/chaoscenter/authentication/api/docs/swagger.json
@@ -1210,7 +1210,7 @@
 },
 "message": {
 "type": "string",
- "example": "Please ensure the password is 8 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet and 1 special character"
+ "example": "Please ensure the password is atleast 8 characters long and atmost 16 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet and 1 special character"
 }
 }
 },
@@ -1223,7 +1223,7 @@
 },
 "message": {
 "type": "string",
- "example": "The username be atleast 3 characters long and atmost 12 characters long."
+ "example": "The username be atleast 3 characters long and atmost 16 characters long."
 }
 }
 },
diff --git a/chaoscenter/authentication/api/docs/swagger.yaml b/chaoscenter/authentication/api/docs/swagger.yaml
index cc105217b7c..9d34ea6c312 100644
--- a/chaoscenter/authentication/api/docs/swagger.yaml
+++ b/chaoscenter/authentication/api/docs/swagger.yaml
@@ -82,8 +82,9 @@ definitions:
 example: 401
 type: integer
 message:
- example: Please ensure the password is 8 characters long and has 1 digit,
- 1 lowercase alphabet, 1 uppercase alphabet and 1 special character
+ example: Please ensure the password is atleast 8 characters long and atmost
+ 16 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet
+ and 1 special character
 type: string
 type: object
 response.ErrStrictUsernamePolicyViolation:
@@ -92,7 +93,7 @@ definitions:
 example: 401
 type: integer
 message:
- example: The username be atleast 3 characters long and atmost 12 characters
+ example: The username be atleast 3 characters long and atmost 16 characters
 long.
 type: string
 type: object
diff --git a/chaoscenter/authentication/api/handlers/doc.go b/chaoscenter/authentication/api/handlers/doc.go
index f90fe0d9171..5b73e4b3d0d 100644
--- a/chaoscenter/authentication/api/handlers/doc.go
+++ b/chaoscenter/authentication/api/handlers/doc.go
@@ -97,12 +97,12 @@ type ErrUserDeactivated struct {
 
 type ErrStrictPasswordPolicyViolation struct {
 Code int `json:"code" example:"401"`
- Message string `json:"message" example:"Please ensure the password is 8 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet and 1 special character"`
+ Message string `json:"message" example:"Please ensure the password is atleast 8 characters long and atmost 16 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet and 1 special character"`
 }
 
 type ErrStrictUsernamePolicyViolation struct {
 Code int `json:"code" example:"401"`
- Message string `json:"message" example:"The username be atleast 3 characters long and atmost 12 characters long."`
+ Message string `json:"message" example:"The username be atleast 3 characters long and atmost 16 characters long."`
 }
 
 type ErrEmptyProjectName struct {
diff --git a/chaoscenter/authentication/pkg/utils/errors.go b/chaoscenter/authentication/pkg/utils/errors.go
index a9cebb9d95c..af48665ef1e 100644
--- a/chaoscenter/authentication/pkg/utils/errors.go
+++ b/chaoscenter/authentication/pkg/utils/errors.go
@@ -50,8 +50,8 @@ var ErrorDescriptions = map[AppError]string{
 ErrInvalidRequest: "The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed",
 ErrUnauthorized: "The user does not have requested authorization to access this resource",
 ErrUserExists: "This username is already assigned to another user",
- ErrStrictPasswordPolicyViolation: "Please ensure the password is 8 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet and 1 special character",
- ErrStrictUsernamePolicyViolation: "The username be atleast 3 characters long and atmost 12 characters long.",
+ ErrStrictPasswordPolicyViolation: "Please ensure the password is atleast 8 characters long and atmost 16 characters long and has 1 digit, 1 lowercase alphabet, 1 uppercase alphabet and 1 special character",
+ ErrStrictUsernamePolicyViolation: "The username be atleast 3 characters long and atmost 16 characters long.",
 ErrEmptyProjectName: "Project name can't be empty",
 ErrInvalidRole: "Role is invalid",
 ErrProjectNotFound: "This project does not exist",
diff --git a/chaoscenter/authentication/pkg/utils/sanitizers.go b/chaoscenter/authentication/pkg/utils/sanitizers.go
index 86f5d28dca1..93c8e3e0a8b 100644
--- a/chaoscenter/authentication/pkg/utils/sanitizers.go
+++ b/chaoscenter/authentication/pkg/utils/sanitizers.go
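Review bot: The updated `ErrStrictUsernamePolicyViolation` description still describes only the length rule, while the username sanitizer changed in the same commit also requires a leading letter and permits hyphens, so the API response will not tell a client why `_user` or `1user` was rejected; the password description likewise omits that the accepted special characters are now only `@$!%*?_&`. Both new strings also carry "atleast"/"atmost" and "The username be", and they are copied verbatim into the generated Swagger examples. Suggest `ErrStrictPasswordPolicyViolation: "Please ensure the password is at least 8 and at most 16 characters long and has 1 digit, 1 lowercase letter, 1 uppercase letter and 1 special character from @$!%*?_&",` and `ErrStrictUsernamePolicyViolation: "The username must start with a letter, be 3-16 characters long and contain only letters, numbers, underscores and hyphens.",`. The ErrorDescriptions map continues outside the hunk.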
@@ -13,8 +13,8 @@ func SanitizeString(input string) string {
 
 /*
 ValidateStrictPassword represents and checks for the following patterns:
-- Input is at least 8 characters long
-- Input contains at least one special character
+- Input is at least 8 characters long and atmost 16 characters long
+- Input contains at least one special character of these @$!%*?_&
 - Input contains at least one digit
 - Input contains at least one uppercase alphabet
 - Input contains at least one lowercase alphabet
@@ -23,10 +23,15 @@ func ValidateStrictPassword(input string) error {
 if len(input) < 8 {
 return fmt.Errorf("password is less than 8 characters")
 }
+
+ if len(input) > 16 {
+ return fmt.Errorf("password is more than 16 characters")
+ }
+
 digits := `[0-9]{1}`
 lowerAlphabets := `[a-z]{1}`
 capitalAlphabets := `[A-Z]{1}`
- specialCharacters := `[!@#~$%^&*()+|_]{1}`
+ specialCharacters := `[@$!%*?_&]{1}`
 if b, err := regexp.MatchString(digits, input); !b || err != nil {
 return fmt.Errorf("password does not contain digits")
 }
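Review bot: The new `if len(input) > 16` check in ValidateStrictPassword caps password entropy far below current guidance — NIST SP 800-63B asks verifiers to accept at least 64 characters, and the usual reason for any cap at all (bcrypt's 72-byte input limit) is well above 16 — so suggest `const maxPasswordLength = 64` and `if utf8.RuneCountInString(input) > maxPasswordLength {` (importing `unicode/utf8`), which also fixes `len` counting bytes rather than characters, under which a 16-character password containing any multibyte character is wrongly rejected. The special-character class was narrowed from `[!@#~$%^&*()+|_]` to `[@$!%*?_&]`, so a password whose only special character is `#`, `^`, `(`, `)`, `+`, `|` or `~` now fails; if this validator is ever run against existing credentials (not visible here) that is a breaking change, and the chosen set deserves a comment explaining why those seven characters. `regexp.MatchString` also recompiles each constant pattern on every call; package-level `regexp.MustCompile` values would avoid that. The remaining checks and the return of ValidateStrictPassword lie outside the hunk.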
@@ -42,17 +47,13 @@ func ValidateStrictPassword(input string) error {
 return nil
 }
 
-func ValidateStrictUsername(username string) error {
- if len(username) < 3 {
- return fmt.Errorf("username must be at least three characters long")
- }
-
- if len(username) > 16 {
- return fmt.Errorf("username must be at most sixteen characters long")
- }
+// Username must start with a letter - ^[a-zA-Z]
+// Allow letters, digits, underscores, and hyphens - [a-zA-Z0-9_-]
+// Ensure the length of the username is between 3 and 16 characters (1 character is already matched above) - {2,15}$
+func ValidateStrictUsername(username string) error {
 
 // Ensure username doesn't contain special characters (only letters, numbers, and underscores are allowed)
- if matched, _ := regexp.MatchString(`^[a-zA-Z0-9_]+$`, username); !matched {
+ if matched, _ := regexp.MatchString(`^[a-zA-Z][a-zA-Z0-9_-]{2,15}$`, username); !matched {
 return fmt.Errorf("username can only contain letters, numbers, and underscores")
 }
 
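Review bot: The `fmt.Errorf("username can only contain letters, numbers, and underscores")` kept below the new pattern no longer describes the rule: `^[a-zA-Z][a-zA-Z0-9_-]{2,15}$` also accepts hyphens, requires a leading letter, and now enforces the 3–16 length that the removed explicit checks used to report on their own, so a too-short or digit-led username gets a misleading message (the inline comment above it is stale for the same reason). Suggest `return fmt.Errorf("username must start with a letter, be 3-16 characters long and contain only letters, numbers, underscores and hyphens")` and updating that comment to match. Since the pattern is a constant, hoist it to a package-level `var usernamePattern = regexp.MustCompile(...)` rather than recompiling on every call and discarding the compile error with `_`. Existing usernames that begin with a digit or underscore will fail this check if it is applied on login or profile update — not visible here, worth confirming before release. The function's `return nil` and closing brace lie outside the hunk.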