From 4f460c91f73ab60dd20ec4d7b4e4e9a06b6197cf Mon Sep 17 00:00:00 2001
From: Henry <hzj94@hotmail.com>
Date: Thu, 14 Aug 2025 21:32:43 +0800
Subject: [PATCH] add password validation

---
 .../server/src/enterprise/utils/validation.util.ts   | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/packages/server/src/enterprise/utils/validation.util.ts b/packages/server/src/enterprise/utils/validation.util.ts
index 96015ee68..c1738fc46 100644
--- a/packages/server/src/enterprise/utils/validation.util.ts
+++ b/packages/server/src/enterprise/utils/validation.util.ts
@@ -18,6 +18,16 @@ export function isInvalidDateTime(dateTime: unknown): boolean {
 }
 
 export function isInvalidPassword(password: unknown): boolean {
+    // Minimum Length: At least 8 characters
+    // Maximum Length: No more than 128 characters
+    // Lowercase Letter: Must contain at least one lowercase letter (a-z)
+    // Uppercase Letter: Must contain at least one uppercase letter (A-Z)
+    // Digit: Must contain at least one number (0-9)
+    // Special Character: Must contain at least one special character (anything that's not a letter or number)
+    if (!password || typeof password !== 'string' || password.length > 128) {
+        return true
+    }
+
     const regexPassword = /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*[^a-zA-Z0-9]).{8,}$/
-    return !password || typeof password !== 'string' || !regexPassword.test(password)
+    return !regexPassword.test(password)
 }