- admin password length is in settings now

Author: devgopher

Botticelli.Server.Back/Controllers/UserController.cs

@@ -1,9 +1,11 @@
 using Botticelli.Server.Back.Services.Auth;
+using Botticelli.Server.Back.Settings;
 using Botticelli.Server.Data.Entities.Auth;
 using Botticelli.Shared.Utils;
 using MapsterMapper;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
 using PasswordGenerator;
 
 namespace Botticelli.Server.Back.Controllers;
@@ -14,13 +16,14 @@ namespace Botticelli.Server.Back.Controllers;
 [ApiController]
 [Authorize(AuthenticationSchemes = "Bearer")]
 [Route("/v1/user")]
-public class UserController(IUserService userService, IMapper mapper, IPasswordSender passwordSender) : Controller
+public class UserController(IUserService userService, IMapper mapper, IPasswordSender passwordSender, IOptionsMonitor<ServerSettings> settings) : Controller
 {
     private readonly IPassword _password = new Password(true,
                                                         true,
                                                         true,
                                                         false,
-                                                        12);
+                                                        Random.Shared.Next(settings.CurrentValue.PasswordMinLength, 
+                                                                           settings.CurrentValue.PasswordMaxLength));
 
     /// <summary>
     ///     Does system contain any users?

Botticelli.Server.Back/Services/Auth/AdminAuthService.cs

@@ -1,15 +1,13 @@
 using System.IdentityModel.Tokens.Jwt;
 using System.Security.Claims;
 using System.Text;
-using Botticelli.Server.Back.Settings;
 using Botticelli.Server.Data;
 using Botticelli.Server.Data.Entities.Auth;
 using Botticelli.Server.Data.Exceptions;
 using Botticelli.Server.Models.Responses;
 using Botticelli.Shared.Utils;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.EntityFrameworkCore;
-using Microsoft.Extensions.Options;
 using Microsoft.IdentityModel.Tokens;
 
 namespace Botticelli.Server.Back.Services.Auth;
@@ -27,8 +25,7 @@ public class AdminAuthService : IAdminAuthService
     public AdminAuthService(IConfiguration config,
                             IHttpContextAccessor httpContextAccessor,
                             ServerDataContext context,
-                            ILogger<AdminAuthService> logger,
-                            IOptionsMonitor<ServerSettings> settings)
+                            ILogger<AdminAuthService> logger)
     {
         _config = config;
         _httpContextAccessor = httpContextAccessor;

Botticelli.Server.Back/Settings/ServerSettings.cs

@@ -18,4 +18,6 @@ public class ServerSettings
     public string? AnalyticsUrl { get; set; }
     public required string SecureStorageConnection { get; set; }
     public bool UseSsl { get; set; }
+    public int PasswordMinLength { get; set; } = 8;
+    public int PasswordMaxLength { get; set; } = 12;
 }

Botticelli.Server.Back/appsettings.json

@@ -46,6 +46,8 @@
     },
     "serverEmail": "",
     "serverUrl": "",
-    "analyticsUrl": ""
+    "analyticsUrl": "",
+    "PasswordMinLength": 8,
+    "PasswordMaxLength": 12
   }
 }