Chore/standardize password criteria (FlowiseAI#4550)

HenryHengZJ · web-flow · commit 63ff703e7a22 · 2025-06-01T10:41:47.000+01:00
standardize password criteria
diff --git a/packages/server/src/enterprise/Interface.Enterprise.ts b/packages/server/src/enterprise/Interface.Enterprise.ts
@@ -104,8 +104,10 @@ export const OrgSetupSchema = z
         password: z
             .string()
             .min(8, 'Password must be at least 8 characters')
+            .regex(/[a-z]/, 'Password must contain at least one lowercase letter')
             .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')
-            .regex(/[!@#$%^&*]/, 'Password must contain at least one special character'),
+            .regex(/\d/, 'Password must contain at least one digit')
+            .regex(/[^a-zA-Z0-9]/, 'Password must contain at least one special character'),
         confirmPassword: z.string().min(1, 'Confirm Password is required')
     })
     .refine((data) => data.password === data.confirmPassword, {
@@ -122,8 +124,10 @@ export const RegisterUserSchema = z
         password: z
             .string()
             .min(8, 'Password must be at least 8 characters')
+            .regex(/[a-z]/, 'Password must contain at least one lowercase letter')
             .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')
-            .regex(/[!@#$%^&*]/, 'Password must contain at least one special character'),
+            .regex(/\d/, 'Password must contain at least one digit')
+            .regex(/[^a-zA-Z0-9]/, 'Password must contain at least one special character'),
         confirmPassword: z.string().min(1, 'Confirm Password is required'),
         token: z.string().min(1, 'Invite Code is required')
     })
diff --git a/packages/server/src/enterprise/utils/validation.util.ts b/packages/server/src/enterprise/utils/validation.util.ts
@@ -18,6 +18,6 @@ export function isInvalidDateTime(dateTime: unknown): boolean {
 }
 
 export function isInvalidPassword(password: unknown): boolean {
-    const regexPassword = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[@$!%*?&-])[A-Za-z\d@$!%*?&-]{8,}$/
+    const regexPassword = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z0-9]).{8,}$/
     return !password || typeof password !== 'string' || !regexPassword.test(password)
 }
diff --git a/packages/ui/src/utils/validation.js b/packages/ui/src/utils/validation.js
@@ -6,7 +6,7 @@ export const passwordSchema = z
     .regex(/[a-z]/, 'Password must contain at least one lowercase letter')
     .regex(/[A-Z]/, 'Password must contain at least one uppercase letter')
     .regex(/\d/, 'Password must contain at least one digit')
-    .regex(/[@$!%*?&-]/, 'Password must contain at least one special character (@$!%*?&-)')
+    .regex(/[^a-zA-Z0-9]/, 'Password must contain at least one special character')
 
 export const validatePassword = (password) => {
     const result = passwordSchema.safeParse(password)
diff --git a/packages/ui/src/views/account/UserProfile.jsx b/packages/ui/src/views/account/UserProfile.jsx
@@ -257,7 +257,7 @@ const UserProfile = () => {
                                     <Typography variant='caption'>
                                         <i>
                                             Password must be at least 8 characters long and contain at least one lowercase letter, one
-                                            uppercase letter, one digit, and one special character (@$!%*?&-).
+                                            uppercase letter, one digit, and one special character.
                                         </i>
                                     </Typography>
                                 </Box>
diff --git a/packages/ui/src/views/account/index.jsx b/packages/ui/src/views/account/index.jsx
@@ -791,7 +791,7 @@ const AccountSettings = () => {
                                             <Typography variant='caption'>
                                                 <i>
                                                     Password must be at least 8 characters long and contain at least one lowercase letter,
-                                                    one uppercase letter, one digit, and one special character (@$!%*?&-).
+                                                    one uppercase letter, one digit, and one special character.
                                                 </i>
                                             </Typography>
                                         </Box>
diff --git a/packages/ui/src/views/auth/register.jsx b/packages/ui/src/views/auth/register.jsx
@@ -359,7 +359,7 @@ const RegisterPage = () => {
                                 <Typography variant='caption'>
                                     <i>
                                         Password must be at least 8 characters long and contain at least one lowercase letter, one uppercase
-                                        letter, one digit, and one special character (@$!%*?&-).
+                                        letter, one digit, and one special character.
                                     </i>
                                 </Typography>
                             </Box>
diff --git a/packages/ui/src/views/auth/resetPassword.jsx b/packages/ui/src/views/auth/resetPassword.jsx
@@ -220,7 +220,7 @@ const ResetPasswordPage = () => {
                                 <Typography variant='caption'>
                                     <i>
                                         Password must be at least 8 characters long and contain at least one lowercase letter, one uppercase
-                                        letter, one digit, and one special character (@$!%*?&-).
+                                        letter, one digit, and one special character.
                                     </i>
                                 </Typography>
                             </Box>
diff --git a/packages/ui/src/views/organization/index.jsx b/packages/ui/src/views/organization/index.jsx
@@ -172,7 +172,7 @@ const OrganizationSetupPage = () => {
             if (isEnterpriseLicensed) {
                 finalErrMessage = `Error in registering organization. Please contact your administrator. (${errMessage})`
             } else {
-                finalErrMessage = `Error in registering account.`
+                finalErrMessage = `Error in registering account: ${errMessage}`
             }
             setAuthError(finalErrMessage)
             setLoading(false)
@@ -396,7 +396,7 @@ const OrganizationSetupPage = () => {
                                 <Typography variant='caption'>
                                     <i>
                                         Password must be at least 8 characters long and contain at least one lowercase letter, one uppercase
-                                        letter, one digit, and one special character (@$!%*?&-).
+                                        letter, one digit, and one special character.
                                     </i>
                                 </Typography>
                             </Box>

Original file line number	Diff line number	Diff line change
`@@ -18,6 +18,6 @@ export function isInvalidDateTime(dateTime: unknown): boolean {`
`18`	`18`	`}`
`19`	`19`
`20`	`20`	`export function isInvalidPassword(password: unknown): boolean {`
`21`		`- const regexPassword = /^(?=.[a-z])(?=.[A-Z])(?=.\d)(?=.[@$!%?&-])[A-Za-z\d@$!%?&-]{8,}$/`
	`21`	`+ const regexPassword = /^(?=.[a-z])(?=.[A-Z])(?=.\d)(?=.[^a-zA-Z0-9]).{8,}$/`
`22`	`22`	`return !password \|\| typeof password !== 'string' \|\| !regexPassword.test(password)`
`23`	`23`	`}`