fix: password check

Author: c121914yu

projects/app/src/pageComponents/account/info/UpdatePswModal.tsx

@@ -5,7 +5,7 @@ import { useTranslation } from 'next-i18next';
 import { useForm } from 'react-hook-form';
 import { useRequest2 } from '@fastgpt/web/hooks/useRequest';
 import { updatePasswordByOld } from '@/web/support/user/api';
-import { PasswordRule } from '@/web/support/user/login/constants';
+import { checkPasswordRule } from '@/web/support/user/login/constants';
 import { useToast } from '@fastgpt/web/hooks/useToast';
 
 type FormType = {
@@ -70,9 +70,11 @@ const UpdatePswModal = ({ onClose }: { onClose: () => void }) => {
             placeholder={t('account_info:password_tip')}
             {...register('newPsw', {
               required: true,
-              pattern: {
-                value: PasswordRule,
-                message: t('account_info:password_tip')
+              validate: (val) => {
+                if (!checkPasswordRule(val)) {
+                  return t('login:password_tip');
+                }
+                return true;
               }
             })}
           ></Input>

projects/app/src/pageComponents/login/ForgetPasswordForm.tsx

@@ -1,7 +1,7 @@
 import React, { Dispatch } from 'react';
 import { FormControl, Box, Input, Button } from '@chakra-ui/react';
 import { useForm } from 'react-hook-form';
-import { LoginPageTypeEnum, PasswordRule } from '@/web/support/user/login/constants';
+import { LoginPageTypeEnum, checkPasswordRule } from '@/web/support/user/login/constants';
 import { postFindPassword } from '@/web/support/user/api';
 import { useSendCode } from '@/web/support/user/hooks/useSendCode';
 import type { ResLogin } from '@/global/support/api/userRes.d';
@@ -138,9 +138,11 @@ const RegisterForm = ({ setPageType, loginSuccess }: Props) => {
             placeholder={t('login:password_tip')}
             {...register('password', {
               required: true,
-              pattern: {
-                value: PasswordRule,
-                message: t('login:password_tip')
+              validate: (val) => {
+                if (!checkPasswordRule(val)) {
+                  return t('login:password_tip');
+                }
+                return true;
               }
             })}
           ></Input>

projects/app/src/pageComponents/login/RegisterForm.tsx

@@ -1,7 +1,7 @@
 import React, { Dispatch } from 'react';
 import { FormControl, Box, Input, Button } from '@chakra-ui/react';
 import { useForm } from 'react-hook-form';
-import { LoginPageTypeEnum, PasswordRule } from '@/web/support/user/login/constants';
+import { LoginPageTypeEnum, checkPasswordRule } from '@/web/support/user/login/constants';
 import { postRegister } from '@/web/support/user/api';
 import { useSendCode } from '@/web/support/user/hooks/useSendCode';
 import type { ResLogin } from '@/global/support/api/userRes';
@@ -166,9 +166,11 @@ const RegisterForm = ({ setPageType, loginSuccess }: Props) => {
             placeholder={t('login:password_tip')}
             {...register('password', {
               required: true,
-              pattern: {
-                value: PasswordRule,
-                message: t('login:password_tip')
+              validate: (val) => {
+                if (!checkPasswordRule(val)) {
+                  return t('login:password_tip');
+                }
+                return true;
               }
             })}
           ></Input>

projects/app/src/web/support/user/login/constants.ts

@@ -5,5 +5,21 @@ export enum LoginPageTypeEnum {
   wechat = 'wechat'
 }
 
-export const PasswordRule =
-  /^(?:(?=.*\d)(?=.*[a-z])|(?=.*\d)(?=.*[A-Z])|(?=.*\d)(?=.*[!@#$%^&*_])|(?=.*[a-z])(?=.*[A-Z])|(?=.*[a-z])(?=.*[!@#$%^&*_])|(?=.*[A-Z])(?=.*[!@#$%^&*_]))[\dA-Za-z!@#$%^&*_]{6,}$/;
+export const checkPasswordRule = (password: string) => {
+  const patterns = [
+    /\d/, // Contains digits
+    /[a-z]/, // Contains lowercase letters
+    /[A-Z]/, // Contains uppercase letters
+    /[!@#$%^&*_]/ // Contains special characters
+  ];
+  const validChars = /^[\dA-Za-z!@#$%^&*_]{6,100}$/;
+
+  // Check length and valid characters
+  if (!validChars.test(password)) return false;
+
+  // Count how many patterns are satisfied
+  const matchCount = patterns.filter((pattern) => pattern.test(password)).length;
+
+  // Must satisfy at least 2 patterns
+  return matchCount >= 2;
+};

test/cases/global/common/string/utils.test.ts

@@ -0,0 +1,33 @@
+import { describe, expect, it } from 'vitest';
+import { checkPasswordRule } from '@/web/support/user/login/constants';
+
+describe('PasswordRule', () => {
+  it('should be a valid password', () => {
+    // Small password
+    expect(checkPasswordRule('123A')).toBe(false);
+    expect(checkPasswordRule('@ga21')).toBe(false);
+
+    // Test single type characters
+    expect(checkPasswordRule('123456')).toBe(false);
+    expect(checkPasswordRule('abcdef')).toBe(false); // only lowercase
+    expect(checkPasswordRule('ABCDEF')).toBe(false); // only uppercase
+    expect(checkPasswordRule('!@#$%^')).toBe(false); // only special chars
+
+    // Test two types combination
+    expect(checkPasswordRule('abc123')).toBe(true); // lowercase + numbers
+    expect(checkPasswordRule('abcABC')).toBe(true); // lowercase + uppercase
+    expect(checkPasswordRule('abc!@#')).toBe(true); // lowercase + special chars
+    expect(checkPasswordRule('ABC!@#')).toBe(true); // uppercase + special chars
+    expect(checkPasswordRule('ABC123')).toBe(true); // uppercase + numbers
+    expect(checkPasswordRule('123!@#')).toBe(true); // numbers + special chars
+    expect(checkPasswordRule('!@123fa')).toBe(true); // numbers + special chars
+
+    // Test three types combination
+    expect(checkPasswordRule('abcABC123')).toBe(true); // lower + upper + numbers
+    expect(checkPasswordRule('abc123!@#')).toBe(true); // lower + numbers + special
+    expect(checkPasswordRule('abc!@#123')).toBe(true); // lower + special + numbers
+
+    // Test all four types
+    expect(checkPasswordRule('abcABC123!@#')).toBe(true); // all types
+  });
+});