sto3psl opened a new issue #2951:
URL: https://github.com/apache/couchdb/issues/2951
## Summary
When creating users in CouchDB with `PUT /_users/org.couchdb.user:<name>` I
would like to have the ability to enforce password rules. For example, a
password should have a minimum length of 10 characters, special characters or
whatever the developer of the app wants.
I tried to accomplish this with the `validate_doc_update` function but
realised that the passed document already contains `derived_key` and `salt` but
no password.
My current solution involves a serverless function that acts as a proxy and
checks the password requirements before passing the request to CouchDB.
## Desired Behaviour
When a request is made to `PUT /_users/org.couchdb.user:<name>`, CouchDB
should validate the password and return an HTTP `400` error if the validation
fails. Ideally the response contains a message like: `Password does not conform
to requirements.`
## Possible Solution
I had a quick chat with @janl about this problem and his idea was to add a
`passwordRegex` config option to CouchDB.
Example:
```ini
# Check that a password has 10 or more characters
passwordRegex = /.{10,}/
```
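
The proxy-side check described in the issue could look like the following. This is an added example, not part of the original post and not CouchDB code. The names `checkUserPut` and `reject`, the shape of the returned object and the `bad_request` error body are assumptions, and the policy regex is the one from the issue's example.

```javascript
// Added example: pre-check a proxy runs before forwarding a request to CouchDB.
// All names here are hypothetical; only the route and the message come from the issue.
const USER_DOC_PATH = /^\/_users\/org\.couchdb\.user(:|%3A)[^/?]+$/i;

function reject(reason) {
  return { forward: false, status: 400, body: { error: "bad_request", reason } };
}

function checkUserPut(method, path, rawBody, policy) {
  // Only PUTs to a user document are inspected; everything else is forwarded.
  if (method !== "PUT" || !USER_DOC_PATH.test(path.split("?")[0])) {
    return { forward: true };
  }
  let doc;
  try {
    doc = JSON.parse(rawBody);
  } catch (e) {
    return reject("Request body is not valid JSON.");
  }
  if (doc === null || typeof doc !== "object" || Array.isArray(doc)) {
    return reject("User document must be a JSON object.");
  }
  // Assumption: a write without "password" (for example a roles change)
  // carries the already stored derived_key and salt and sets no new password.
  if (!("password" in doc)) {
    return { forward: true };
  }
  // Non-string passwords are rejected before the regex can coerce them.
  if (typeof doc.password !== "string" || !policy.test(doc.password)) {
    return reject("Password does not conform to requirements.");
  }
  return { forward: true };
}

// Constructed sample request: a five-character password against /.{10,}/.
const sample = checkUserPut(
  "PUT",
  "/_users/org.couchdb.user:alice",
  JSON.stringify({ name: "alice", type: "user", roles: [], password: "short" }),
  /.{10,}/
);
console.log(sample.status, sample.body.reason);
```

The check only covers the `PUT` route named in the issue; other writes to `_users` (such as `POST /_users` or `_bulk_docs`) need the same treatment in the proxy.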