forgot-password and personal-settings can now get the designated configuration from envVars through configManager

packages/app/src/server/routes/apiv3/forgot-password.js

@@ -25,11 +25,13 @@ module.exports = (crowi) => {
   const path = require('path');
   const csrf = require('../../middlewares/csrf')(crowi);
 
+  const minPasswordLength = crowi.configManager.getConfig('crowi', 'app:minPasswordLength');
+
   const validator = {
     password: [
       body('newPassword').isString().not().isEmpty()
-        .isLength({ min: 8 })
-        .withMessage('password must be at least 8 characters long'),
+        .isLength({ min: minPasswordLength })
+        .withMessage(`password must be at least ${minPasswordLength} characters long`),
       // checking if password confirmation matches password
       body('newPasswordConfirm').isString().not().isEmpty()
         .custom((value, { req }) => {

packages/app/src/server/routes/apiv3/personal-setting.js

@@ -1,17 +1,17 @@
 import { body } from 'express-validator';
 
+import { listLocaleIds } from '~/utils/locale-utils';
 import loggerFactory from '~/utils/logger';
 
-import { listLocaleIds } from '~/utils/locale-utils';
 
 import { apiV3FormValidator } from '../../middlewares/apiv3-form-validator';
 import EditorSettings from '../../models/editor-settings';
 import InAppNotificationSettings from '../../models/in-app-notification-settings';
+import ConfigLoader from '../../service/config-loader';
 
 const logger = loggerFactory('growi:routes:apiv3:personal-setting');
 
 const express = require('express');
-
 const passport = require('passport');
 
 const router = express.Router();
@@ -73,6 +73,8 @@ module.exports = (crowi) => {
 
   const { User, ExternalAccount } = crowi.models;
 
+  const minPasswordLength = crowi.configManager.getConfig('crowi', 'app:minPasswordLength');
+
   const validator = {
     personal: [
       body('name').isString().not().isEmpty(),
@@ -92,8 +94,8 @@ module.exports = (crowi) => {
     password: [
       body('oldPassword').isString(),
       body('newPassword').isString().not().isEmpty()
-        .isLength({ min: 8 })
-        .withMessage('password must be at least 8 characters long'),
+        .isLength({ min: minPasswordLength })
+        .withMessage(`password must be at least ${minPasswordLength} characters long`),
       body('newPasswordConfirm').isString().not().isEmpty()
         .custom((value, { req }) => {
           return (value === req.body.newPassword);
@@ -141,7 +143,6 @@ module.exports = (crowi) => {
    */
   router.get('/', accessTokenParser, loginRequiredStrictly, async(req, res) => {
     const { username } = req.user;
-
     try {
       const user = await User.findUserByUsername(username);