3 lat temu · f3152da02d
--- a/packages/app/src/server/routes/apiv3/forgot-password.js
+++ b/packages/app/src/server/routes/apiv3/forgot-password.js
@@ -25,11 +25,13 @@ module.exports = (crowi) => {
 
				   const path = require('path');
			
 
				   const csrf = require('../../middlewares/csrf')(crowi);
			
 
				 
			
 
				+  const minPasswordLength = crowi.configManager.getConfig('crowi', 'app:minPasswordLength');
			
 
				+
			
 
				   const validator = {
			
 
				     password: [
			
 
				       body('newPassword').isString().not().isEmpty()
			
 
				-        .isLength({ min: 8 })
			
 
				-        .withMessage('password must be at least 8 characters long'),
			
 
				+        .isLength({ min: minPasswordLength })
			
 
				+        .withMessage(`password must be at least ${minPasswordLength} characters long`),
			
 
				       // checking if password confirmation matches password
			
 
				       body('newPasswordConfirm').isString().not().isEmpty()
			
 
				         .custom((value, { req }) => {
			
--- a/packages/app/src/server/routes/apiv3/personal-setting.js
+++ b/packages/app/src/server/routes/apiv3/personal-setting.js
@@ -1,17 +1,17 @@
 
				 import { body } from 'express-validator';
			
 
				 
			
 
				+import { listLocaleIds } from '~/utils/locale-utils';
			
 
				 import loggerFactory from '~/utils/logger';
			
 
				 
			
 
				-import { listLocaleIds } from '~/utils/locale-utils';
			
 
				 
			
 
				 import { apiV3FormValidator } from '../../middlewares/apiv3-form-validator';
			
 
				 import EditorSettings from '../../models/editor-settings';
			
 
				 import InAppNotificationSettings from '../../models/in-app-notification-settings';
			
 
				+import ConfigLoader from '../../service/config-loader';
			
 
				 
			
 
				 const logger = loggerFactory('growi:routes:apiv3:personal-setting');
			
 
				 
			
 
				 const express = require('express');
			
 
				-
			
 
				 const passport = require('passport');
			
 
				 
			
 
				 const router = express.Router();
			
@@ -73,6 +73,8 @@ module.exports = (crowi) => {
 
				 
			
 
				   const { User, ExternalAccount } = crowi.models;
			
 
				 
			
 
				+  const minPasswordLength = crowi.configManager.getConfig('crowi', 'app:minPasswordLength');
			
 
				+
			
 
				   const validator = {
			
 
				     personal: [
			
 
				       body('name').isString().not().isEmpty(),
			
@@ -92,8 +94,8 @@ module.exports = (crowi) => {
 
				     password: [
			
 
				       body('oldPassword').isString(),
			
 
				       body('newPassword').isString().not().isEmpty()
			
 
				-        .isLength({ min: 8 })
			
 
				-        .withMessage('password must be at least 8 characters long'),
			
 
				+        .isLength({ min: minPasswordLength })
			
 
				+        .withMessage(`password must be at least ${minPasswordLength} characters long`),
			
 
				       body('newPasswordConfirm').isString().not().isEmpty()
			
 
				         .custom((value, { req }) => {
			
 
				           return (value === req.body.newPassword);
			
@@ -141,7 +143,6 @@ module.exports = (crowi) => {
 
				    */
			
 
				   router.get('/', accessTokenParser, loginRequiredStrictly, async(req, res) => {
			
 
				     const { username } = req.user;
			
 
				-
			
 
				     try {
			
 
				       const user = await User.findUserByUsername(username);