fix: improve password validation flow (#15132)

Refers to #14984 Currently, password validation is done backend side and is not explicit enough so it can be painful to create first users. We'd like to make this validation easier - but also duplicate it frontend side to make it smoother. Flows involved : - First user set password - New user set password - Change password --------- Co-authored-by: BrunoQuaresma <bruno_nonato_quaresma@hotmail.com>
2025-07-03 16:13:58 +00:00 · 2024-11-05 17:22:32 +01:00
parent 8b5a18cade
commit 4fe2c5f09a
21 changed files with 530 additions and 74 deletions
--- a/coderd/users_test.go
+++ b/coderd/users_test.go
@ -1219,6 +1219,24 @@ func TestUpdateUserPassword(t *testing.T) {
 		require.Equal(t, database.AuditActionWrite, auditor.AuditLogs()[numLogs-1].Action)
 	})

+	t.Run("ValidateUserPassword", func(t *testing.T) {
+		t.Parallel()
+		auditor := audit.NewMock()
+		client := coderdtest.New(t, &coderdtest.Options{Auditor: auditor})
+
+		_ = coderdtest.CreateFirstUser(t, client)
+
+		ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
+		defer cancel()
+
+		resp, err := client.ValidateUserPassword(ctx, codersdk.ValidateUserPasswordRequest{
+			Password: "MySecurePassword!",
+		})
+
+		require.NoError(t, err, "users shoud be able to validate complexity of a potential new password")
+		require.True(t, resp.Valid)
+	})
+
 	t.Run("ChangingPasswordDeletesKeys", func(t *testing.T) {
 		t.Parallel()